/**
 *
 */
import Util;
import OpenApi;
import OpenApiUtil;
import EndpointUtil;

extends OpenApi;


init(config: OpenApi.Config){
  super(config);
  @endpointRule = 'central';
  
  checkConfig(config);
  @endpoint = getEndpoint('resourcemanager', @regionId, @endpointRule, @network, @suffix, @endpointMap, @endpoint);
}

function getEndpoint(productId: string, regionId: string, endpointRule: string, network: string, suffix: string, endpointMap: map[string]string, endpoint: string) throws: string{
  if (!Util.empty(endpoint)) {
    return endpoint;
  }
  
  if (!Util.isUnset(endpointMap) && !Util.empty(endpointMap[regionId])) {
    return endpointMap[regionId];
  }
  return EndpointUtil.getEndpointRules(productId, regionId, endpointRule, network, suffix);
}

model AcceptHandshakeRequest {
  handshakeId?: string(name='HandshakeId', description='The ID of the invitation.

You can call the [ListHandshakesForAccount](https://help.aliyun.com/document_detail/160006.html) operation to obtain the ID.

This parameter is required.', example='h-Ih8IuPfvV0t0****'),
}

model AcceptHandshakeResponseBody = {
  handshake?: {
    createTime?: string(name='CreateTime', description='The time when the invitation was created. The time is displayed in UTC.', example='2021-01-06T02:15:40Z'),
    expireTime?: string(name='ExpireTime', description='The time when the invitation expires. The time is displayed in UTC.', example='2021-01-20T02:15:40Z'),
    handshakeId?: string(name='HandshakeId', description='The ID of the invitation.', example='h-Ih8IuPfvV0t0****'),
    masterAccountId?: string(name='MasterAccountId', description='The ID of the management account of the resource directory.', example='151266687691****'),
    masterAccountName?: string(name='MasterAccountName', description='The name of the management account of the resource directory.', example='CompanyA'),
    modifyTime?: string(name='ModifyTime', description='The time when the invitation was modified. The time is displayed in UTC.', example='2021-01-06T02:16:40Z'),
    note?: string(name='Note', description='The comment on the invitation.', example='Welcome'),
    resourceDirectoryId?: string(name='ResourceDirectoryId', description='The ID of the resource directory.', example='rd-3G****'),
    status?: string(name='Status', description='The status of the invitation. Valid values:

*   Pending: The invitation is waiting for confirmation.
*   Accepted: The invitation is accepted.
*   Cancelled: The invitation is canceled.
*   Declined: The invitation is rejected.
*   Expired: The invitation expires.', example='Accepted'),
    targetEntity?: string(name='TargetEntity', description='The ID or logon email address of the invited Alibaba Cloud account.', example='177242285274****'),
    targetType?: string(name='TargetType', description='The type of the invited Alibaba Cloud account. Valid values:

*   Account: indicates the ID of the Alibaba Cloud account.
*   Email: indicates the logon email address of the Alibaba Cloud account.', example='Account'),
  }(name='Handshake', description='The information of the invitation.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='5828C836-3286-49A6-9006-15231BB19342'),
}

model AcceptHandshakeResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: AcceptHandshakeResponseBody(name='body'),
}

/**
 * @summary Accepts an invitation.
 *
 * @description After an invited Alibaba Cloud account joins a resource directory, it becomes a member of the resource directory. By default, the name of the invited Alibaba Cloud account is used as the display name of the account in the resource directory.
 * This topic provides an example on how to call the API operation to accept the invitation `h-Ih8IuPfvV0t0****` that is initiated to invite the Alibaba Cloud account `177242285274****` to join the resource directory `rd-3G****`.
 *
 * @param request AcceptHandshakeRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return AcceptHandshakeResponse
 */
async function acceptHandshakeWithOptions(request: AcceptHandshakeRequest, runtime: Util.RuntimeOptions): AcceptHandshakeResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.handshakeId)) {
    query['HandshakeId'] = request.handshakeId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'AcceptHandshake',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Accepts an invitation.
 *
 * @description After an invited Alibaba Cloud account joins a resource directory, it becomes a member of the resource directory. By default, the name of the invited Alibaba Cloud account is used as the display name of the account in the resource directory.
 * This topic provides an example on how to call the API operation to accept the invitation `h-Ih8IuPfvV0t0****` that is initiated to invite the Alibaba Cloud account `177242285274****` to join the resource directory `rd-3G****`.
 *
 * @param request AcceptHandshakeRequest
 * @return AcceptHandshakeResponse
 */
async function acceptHandshake(request: AcceptHandshakeRequest): AcceptHandshakeResponse {
  var runtime = new Util.RuntimeOptions{};
  return acceptHandshakeWithOptions(request, runtime);
}

model AttachControlPolicyRequest {
  policyId?: string(name='PolicyId', description='The ID of the access control policy.

This parameter is required.', example='cp-jExXAqIYkwHN****'),
  targetId?: string(name='TargetId', description='The ID of the object to which you want to attach the access control policy. Access control policies can be attached to the following objects:

*   Root folder
*   Subfolders of the Root folder
*   Members

This parameter is required.', example='fd-ZDNPiT****'),
}

model AttachControlPolicyResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='95060F1D-6990-4645-8920-A81D1BBFE992'),
}

model AttachControlPolicyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: AttachControlPolicyResponseBody(name='body'),
}

/**
 * @description After you attach an access control policy, the operations performed on resources by using members are limited by the policy. Make sure that the attached policy meets your expectations. Otherwise, your business may be affected.
 * By default, the system access control policy FullAliyunAccess is attached to each folder and member.
 * The access control policy that is attached to a folder also applies to all its subfolders and all members in the subfolders.
 * A maximum of 10 access control policies can be attached to a folder or member.
 * This topic provides an example on how to call the API operation to attach the custom access control policy `cp-jExXAqIYkwHN****` to the folder `fd-ZDNPiT****`.
 *
 * @param request AttachControlPolicyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return AttachControlPolicyResponse
 */
async function attachControlPolicyWithOptions(request: AttachControlPolicyRequest, runtime: Util.RuntimeOptions): AttachControlPolicyResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.policyId)) {
    query['PolicyId'] = request.policyId;
  }
  if (!Util.isUnset(request.targetId)) {
    query['TargetId'] = request.targetId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'AttachControlPolicy',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @description After you attach an access control policy, the operations performed on resources by using members are limited by the policy. Make sure that the attached policy meets your expectations. Otherwise, your business may be affected.
 * By default, the system access control policy FullAliyunAccess is attached to each folder and member.
 * The access control policy that is attached to a folder also applies to all its subfolders and all members in the subfolders.
 * A maximum of 10 access control policies can be attached to a folder or member.
 * This topic provides an example on how to call the API operation to attach the custom access control policy `cp-jExXAqIYkwHN****` to the folder `fd-ZDNPiT****`.
 *
 * @param request AttachControlPolicyRequest
 * @return AttachControlPolicyResponse
 */
async function attachControlPolicy(request: AttachControlPolicyRequest): AttachControlPolicyResponse {
  var runtime = new Util.RuntimeOptions{};
  return attachControlPolicyWithOptions(request, runtime);
}

model AttachPolicyRequest {
  policyName?: string(name='PolicyName', description='The name of the policy.

The name must be 1 to 128 characters in length and can contain letters, digits, and hyphens (-).

This parameter is required.', example='AdministratorAccess'),
  policyType?: string(name='PolicyType', description='The type of the policy. Valid values:

*   Custom: custom policy
*   System: system policy

This parameter is required.', example='System'),
  principalName?: string(name='PrincipalName', description='The name of the object to which you want to attach the policy.

*   If you want to attach the policy to a RAM user, specify the name in the \\\\<UserName>@\\\\<AccountAlias>.onaliyun.com format. \\\\<UserName> indicates the name of the RAM user, and \\\\<AccountAlias> indicates the alias of the Alibaba Cloud account to which the RAM user belongs.
*   If you want to attach the policy to a RAM user group, specify the name in the \\\\<GroupName>@group.\\\\<AccountAlias>.onaliyun.com format. \\\\<GroupName> indicates the name of the RAM user group, and \\\\<AccountAlias> indicates the alias of the Alibaba Cloud account to which the RAM user group belongs.
*   If you want to attach the policy to a RAM role, specify the name in the \\\\<RoleName>@role.\\\\<AccountAlias>.onaliyun.com format. \\\\<RoleName> indicates the name of the RAM role, and \\\\<AccountAlias> indicates the alias of the Alibaba Cloud account to which the RAM role belongs.

>  The alias of an Alibaba Cloud account is a part of the default domain name. You can call the [GetDefaultDomain](https://help.aliyun.com/document_detail/186720.html) operation to obtain the alias of an Alibaba Cloud account.

This parameter is required.', example='alice@demo.onaliyun.com'),
  principalType?: string(name='PrincipalType', description='The type of the object to which you want to attach the policy. Valid values:

*   IMSUser: RAM user
*   IMSGroup: RAM user group
*   ServiceRole: RAM role

This parameter is required.', example='IMSUser'),
  resourceGroupId?: string(name='ResourceGroupId', description='The effective scope of the policy. You can set this parameter to one of the following items:

*   ID of a resource group: indicates that the policy takes effect for the resources in the resource group.
*   ID of the Alibaba Cloud account to which the authorized object belongs: indicates that the policy takes effect for the resources within the Alibaba Cloud account.

This parameter is required.', example='rg-9gLOoK****'),
}

model AttachPolicyResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='697852FB-50D7-44D9-9774-530C31EAC572'),
}

model AttachPolicyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: AttachPolicyResponseBody(name='body'),
}

/**
 * @summary 为RAM身份授权
 *
 * @description In this example, the policy `AdministratorAccess` is attached to the RAM user `alice@demo.onaliyun.com` and takes effect only for resources in the `rg-9gLOoK****` resource group.
 *
 * @param request AttachPolicyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return AttachPolicyResponse
 */
async function attachPolicyWithOptions(request: AttachPolicyRequest, runtime: Util.RuntimeOptions): AttachPolicyResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.policyName)) {
    query['PolicyName'] = request.policyName;
  }
  if (!Util.isUnset(request.policyType)) {
    query['PolicyType'] = request.policyType;
  }
  if (!Util.isUnset(request.principalName)) {
    query['PrincipalName'] = request.principalName;
  }
  if (!Util.isUnset(request.principalType)) {
    query['PrincipalType'] = request.principalType;
  }
  if (!Util.isUnset(request.resourceGroupId)) {
    query['ResourceGroupId'] = request.resourceGroupId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'AttachPolicy',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary 为RAM身份授权
 *
 * @description In this example, the policy `AdministratorAccess` is attached to the RAM user `alice@demo.onaliyun.com` and takes effect only for resources in the `rg-9gLOoK****` resource group.
 *
 * @param request AttachPolicyRequest
 * @return AttachPolicyResponse
 */
async function attachPolicy(request: AttachPolicyRequest): AttachPolicyResponse {
  var runtime = new Util.RuntimeOptions{};
  return attachPolicyWithOptions(request, runtime);
}

model BindSecureMobilePhoneRequest {
  accountId?: string(name='AccountId', description='The Alibaba Cloud account ID of the member.

This parameter is required.', example='138660628348****'),
  secureMobilePhone?: string(name='SecureMobilePhone', description='The mobile phone number that you want to bind to the member for security purposes.

The mobile phone number you specify must be the same as the mobile phone number that you specify when you call the [SendVerificationCodeForBindSecureMobilePhone](https://help.aliyun.com/document_detail/372556.html) operation to obtain a verification code.

Specify the mobile phone number in the \\\\<Country code>-\\\\<Mobile phone number> format.

>  Mobile phone numbers in the `86-<Mobile phone number>` format in the Chinese mainland are not supported.

This parameter is required.', example='xx-13900001234'),
  verificationCode?: string(name='VerificationCode', description='The verification code.

You can call the [SendVerificationCodeForBindSecureMobilePhone](https://help.aliyun.com/document_detail/372556.html) operation to obtain the verification code.

This parameter is required.', example='123456'),
}

model BindSecureMobilePhoneResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='0217AFEB-5318-56D4-B167-1933D83EDF3F'),
}

model BindSecureMobilePhoneResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: BindSecureMobilePhoneResponseBody(name='body'),
}

/**
 * @summary 设置安全手机号
 *
 * @description You can call this API operation only to bind a mobile phone number to a member of the resource account type. You cannot call this API operation to change the mobile phone number that is bound to a member of the resource account type.
 * To ensure that the system can record the operators of management operations, you must use a RAM user or RAM role to which the AliyunResourceDirectoryFullAccess policy is attached within the management account of your resource directory to call this API operation.
 * This topic provides an example on how to call the API operation to bind a mobile phone number to the member `138660628348****` for security purposes.
 *
 * @param request BindSecureMobilePhoneRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return BindSecureMobilePhoneResponse
 */
async function bindSecureMobilePhoneWithOptions(request: BindSecureMobilePhoneRequest, runtime: Util.RuntimeOptions): BindSecureMobilePhoneResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.accountId)) {
    query['AccountId'] = request.accountId;
  }
  if (!Util.isUnset(request.secureMobilePhone)) {
    query['SecureMobilePhone'] = request.secureMobilePhone;
  }
  if (!Util.isUnset(request.verificationCode)) {
    query['VerificationCode'] = request.verificationCode;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'BindSecureMobilePhone',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary 设置安全手机号
 *
 * @description You can call this API operation only to bind a mobile phone number to a member of the resource account type. You cannot call this API operation to change the mobile phone number that is bound to a member of the resource account type.
 * To ensure that the system can record the operators of management operations, you must use a RAM user or RAM role to which the AliyunResourceDirectoryFullAccess policy is attached within the management account of your resource directory to call this API operation.
 * This topic provides an example on how to call the API operation to bind a mobile phone number to the member `138660628348****` for security purposes.
 *
 * @param request BindSecureMobilePhoneRequest
 * @return BindSecureMobilePhoneResponse
 */
async function bindSecureMobilePhone(request: BindSecureMobilePhoneRequest): BindSecureMobilePhoneResponse {
  var runtime = new Util.RuntimeOptions{};
  return bindSecureMobilePhoneWithOptions(request, runtime);
}

model CancelChangeAccountEmailRequest {
  accountId?: string(name='AccountId', description='The Alibaba Cloud account ID of the member.

This parameter is required.', example='181761095690****'),
}

model CancelChangeAccountEmailResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='9B34724D-54B0-4A51-B34D-4512372FE1BE'),
}

model CancelChangeAccountEmailResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: CancelChangeAccountEmailResponseBody(name='body'),
}

/**
 * @summary 取消修改邮箱
 *
 * @param request CancelChangeAccountEmailRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return CancelChangeAccountEmailResponse
 */
async function cancelChangeAccountEmailWithOptions(request: CancelChangeAccountEmailRequest, runtime: Util.RuntimeOptions): CancelChangeAccountEmailResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.accountId)) {
    query['AccountId'] = request.accountId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'CancelChangeAccountEmail',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary 取消修改邮箱
 *
 * @param request CancelChangeAccountEmailRequest
 * @return CancelChangeAccountEmailResponse
 */
async function cancelChangeAccountEmail(request: CancelChangeAccountEmailRequest): CancelChangeAccountEmailResponse {
  var runtime = new Util.RuntimeOptions{};
  return cancelChangeAccountEmailWithOptions(request, runtime);
}

model CancelCreateCloudAccountRequest {
  recordId?: string(name='RecordId', description='The account record ID.

This parameter is required.', example='06950264-3f0d-4ca9-82dd-6ee7a3d33d6b'),
}

model CancelCreateCloudAccountResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='9B34724D-54B0-4A51-B34D-4512372FE1BE'),
}

model CancelCreateCloudAccountResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: CancelCreateCloudAccountResponseBody(name='body'),
}

/**
 * @summary 取消创建云账号类型的成员
 *
 * @param request CancelCreateCloudAccountRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return CancelCreateCloudAccountResponse
 */
async function cancelCreateCloudAccountWithOptions(request: CancelCreateCloudAccountRequest, runtime: Util.RuntimeOptions): CancelCreateCloudAccountResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.recordId)) {
    query['RecordId'] = request.recordId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'CancelCreateCloudAccount',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary 取消创建云账号类型的成员
 *
 * @param request CancelCreateCloudAccountRequest
 * @return CancelCreateCloudAccountResponse
 */
async function cancelCreateCloudAccount(request: CancelCreateCloudAccountRequest): CancelCreateCloudAccountResponse {
  var runtime = new Util.RuntimeOptions{};
  return cancelCreateCloudAccountWithOptions(request, runtime);
}

model CancelHandshakeRequest {
  handshakeId?: string(name='HandshakeId', description='The ID of the invitation.

This parameter is required.', example='h-ycm4rp****'),
}

model CancelHandshakeResponseBody = {
  handshake?: {
    createTime?: string(name='CreateTime', description='The time when the invitation was created. The time is displayed in UTC.', example='2018-08-10T09:55:41Z'),
    expireTime?: string(name='ExpireTime', description='The time when the invitation expires. The time is displayed in UTC.', example='2018-08-24T09:55:41Z'),
    handshakeId?: string(name='HandshakeId', description='The ID of the invitation.', example='h-ycm4rp****'),
    masterAccountId?: string(name='MasterAccountId', description='The ID of the management account of the resource directory.', example='172841235500****'),
    masterAccountName?: string(name='MasterAccountName', description='The name of the management account of the resource directory.', example='Alice'),
    modifyTime?: string(name='ModifyTime', description='The time when the invitation was modified. The time is displayed in UTC.', example='2018-08-10T09:55:41Z'),
    note?: string(name='Note', description='The comment on the invitation.', example='Welcome'),
    resourceDirectoryId?: string(name='ResourceDirectoryId', description='The ID of the resource directory.', example='h-ycm4rp****'),
    status?: string(name='Status', description='The status of the invitation. Valid values:

*   Pending: The invitation is waiting for confirmation.
*   Accepted: The invitation is accepted.
*   Cancelled: The invitation is canceled.
*   Declined: The invitation is rejected.
*   Expired: The invitation expires.', example='Cancelled'),
    targetEntity?: string(name='TargetEntity', description='The ID or logon email address of the invited account.', example='someone@example.com'),
    targetType?: string(name='TargetType', description='The type of the invited account. Valid values:

*   Account: indicates the ID of the account.
*   Email: indicates the logon email address of the account.', example='Email'),
  }(name='Handshake', description='The information of the invitation.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='9B34724D-54B0-4A51-B34D-4512372FE1BE'),
}

model CancelHandshakeResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: CancelHandshakeResponseBody(name='body'),
}

/**
 * @summary Cancels an invitation.
 *
 * @description This topic provides an example on how to call the API operation to cancel the invitation whose ID is `h-ycm4rp****`.
 *
 * @param request CancelHandshakeRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return CancelHandshakeResponse
 */
async function cancelHandshakeWithOptions(request: CancelHandshakeRequest, runtime: Util.RuntimeOptions): CancelHandshakeResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.handshakeId)) {
    query['HandshakeId'] = request.handshakeId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'CancelHandshake',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Cancels an invitation.
 *
 * @description This topic provides an example on how to call the API operation to cancel the invitation whose ID is `h-ycm4rp****`.
 *
 * @param request CancelHandshakeRequest
 * @return CancelHandshakeResponse
 */
async function cancelHandshake(request: CancelHandshakeRequest): CancelHandshakeResponse {
  var runtime = new Util.RuntimeOptions{};
  return cancelHandshakeWithOptions(request, runtime);
}

model CancelPromoteResourceAccountRequest {
  recordId?: string(name='RecordId', description='The account record ID.

This parameter is required.', example='06950264-3f0d-4ca9-82dd-6ee7a3d33d6b'),
}

model CancelPromoteResourceAccountResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='9B34724D-54B0-4A51-B34D-4512372FE1BE'),
}

model CancelPromoteResourceAccountResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: CancelPromoteResourceAccountResponseBody(name='body'),
}

/**
 * @summary 取消升级资源账号
 *
 * @param request CancelPromoteResourceAccountRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return CancelPromoteResourceAccountResponse
 */
async function cancelPromoteResourceAccountWithOptions(request: CancelPromoteResourceAccountRequest, runtime: Util.RuntimeOptions): CancelPromoteResourceAccountResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.recordId)) {
    query['RecordId'] = request.recordId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'CancelPromoteResourceAccount',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary 取消升级资源账号
 *
 * @param request CancelPromoteResourceAccountRequest
 * @return CancelPromoteResourceAccountResponse
 */
async function cancelPromoteResourceAccount(request: CancelPromoteResourceAccountRequest): CancelPromoteResourceAccountResponse {
  var runtime = new Util.RuntimeOptions{};
  return cancelPromoteResourceAccountWithOptions(request, runtime);
}

model ChangeAccountEmailRequest {
  accountId?: string(name='AccountId', description='The Alibaba Cloud account ID of the member.

This parameter is required.', example='181761095690****'),
  email?: string(name='Email', description='The email address to be bound to the member.

>  The system automatically sends a verification email to the email address. After the verification is passed, the email address takes effect, and the system changes both the logon email address and secure email address of the member.

This parameter is required.', example='someone@example.com'),
}

model ChangeAccountEmailResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='9B34724D-54B0-4A51-B34D-4512372FE1BE'),
}

model ChangeAccountEmailResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ChangeAccountEmailResponseBody(name='body'),
}

/**
 * @summary 成员账号设置安全邮箱
 *
 * @param request ChangeAccountEmailRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ChangeAccountEmailResponse
 */
async function changeAccountEmailWithOptions(request: ChangeAccountEmailRequest, runtime: Util.RuntimeOptions): ChangeAccountEmailResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.accountId)) {
    query['AccountId'] = request.accountId;
  }
  if (!Util.isUnset(request.email)) {
    query['Email'] = request.email;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ChangeAccountEmail',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary 成员账号设置安全邮箱
 *
 * @param request ChangeAccountEmailRequest
 * @return ChangeAccountEmailResponse
 */
async function changeAccountEmail(request: ChangeAccountEmailRequest): ChangeAccountEmailResponse {
  var runtime = new Util.RuntimeOptions{};
  return changeAccountEmailWithOptions(request, runtime);
}

model CheckAccountDeleteRequest {
  accountId?: string(name='AccountId', description='The ID of the member that you want to delete.

This parameter is required.', example='179855839641****'),
}

model CheckAccountDeleteResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='7CDDDCEF-CDFD-0825-B7D7-217BE0897B22'),
}

model CheckAccountDeleteResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: CheckAccountDeleteResponseBody(name='body'),
}

/**
 * @summary Performs a member deletion check.
 *
 * @description Before you delete a member, you must call this API operation to check whether the member can be deleted.
 * This topic provides an example on how to call the API operation to perform a deletion check on the member whose ID is `179855839641****`.
 *
 * @param request CheckAccountDeleteRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return CheckAccountDeleteResponse
 */
async function checkAccountDeleteWithOptions(request: CheckAccountDeleteRequest, runtime: Util.RuntimeOptions): CheckAccountDeleteResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.accountId)) {
    query['AccountId'] = request.accountId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'CheckAccountDelete',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Performs a member deletion check.
 *
 * @description Before you delete a member, you must call this API operation to check whether the member can be deleted.
 * This topic provides an example on how to call the API operation to perform a deletion check on the member whose ID is `179855839641****`.
 *
 * @param request CheckAccountDeleteRequest
 * @return CheckAccountDeleteResponse
 */
async function checkAccountDelete(request: CheckAccountDeleteRequest): CheckAccountDeleteResponse {
  var runtime = new Util.RuntimeOptions{};
  return checkAccountDeleteWithOptions(request, runtime);
}

model CreateAutoGroupingRuleRequest {
  excludeRegionIdsScope?: string(name='ExcludeRegionIdsScope', description='The IDs of regions to be excluded. Separate multiple IDs with commas (,).', example='cn-beijing,cn-guangzhou'),
  excludeResourceGroupIdsScope?: string(name='ExcludeResourceGroupIdsScope', description='The IDs of resource groups to be excluded. Separate multiple IDs with commas (,).', example='rg-aekz******zj2oi,rg-aekz******r62ua'),
  excludeResourceIdsScope?: string(name='ExcludeResourceIdsScope', description='The IDs of resources to be excluded. Separate multiple IDs with commas (,).', example='pc-uf6p******4h784y,rmq-cn-******ny0y'),
  excludeResourceTypesScope?: string(name='ExcludeResourceTypesScope', description='The resource types to be excluded. Separate multiple resource types with commas (,).', example='mse.cluster,slb.loadbalancer'),
  regionIdsScope?: string(name='RegionIdsScope', description='The IDs of regions. Separate multiple IDs with commas (,).', example='cn-hangzhou,cn-shanghai'),
  resourceGroupIdsScope?: string(name='ResourceGroupIdsScope', description='The IDs of resource groups. Separate multiple IDs with commas (,).', example='rg-aekz******4b5ea,rg-aek2******fxykq'),
  resourceIdsScope?: string(name='ResourceIdsScope', description='The IDs of resources. Separate multiple IDs with commas (,).', example='i-2zee******ym49kfmwis,vpc-5ts6******fnw493g849a'),
  resourceTypesScope?: string(name='ResourceTypesScope', description='The resource types. Separate multiple resource types with commas (,).', example='rds.dbinstance,oss.bucket'),
  ruleContents?: [ 
    {
      autoGroupingScopeCondition?: string(name='AutoGroupingScopeCondition', description='The condition for the range of resources to be automatically transferred.', example='{"children":[{"desired":"{\\\\"env\\\\":\\\\"online\\\\", \\\\"project\\\\":\\\\"A\\\\"}","featurePath":"$.tags","featureSource":"RESOURCE","operator":"TagMatchAll"}],"operator":"and"}'),
      targetResourceGroupCondition?: string(name='TargetResourceGroupCondition', description='The condition for the destination resource group.

This parameter is required.', example='{"children":[{"desired":"rg-aek2********qcy","featurePath":"$.resourceGroupId","featureSource":"RESOURCE","operator":"StringEquals"}],"operator":"and"}'),
    }
  ](name='RuleContents', description='The content records of the rule.

This parameter is required.'),
  ruleDesc?: string(name='RuleDesc', description='The description of the rule.', example='Transfer resources to which the {"env": "online"} and {"project": "A"} tags are added to the resource group rg-aek2********qcy.'),
  ruleName?: string(name='RuleName', description='The name of the rule.

This parameter is required.', example='Custom Transfer Rule for Online Resources of Project A'),
  ruleType?: string(name='RuleType', description='The type of the rule. Valid values:

*   custom_condition: custom transfer rule
*   associated_transfer: transfer rule for associated resources

This parameter is required.', example='custom_condition'),
}

model CreateAutoGroupingRuleResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='F7701451-340B-5CB3-AEA7-7D831F7F38C0'),
  ruleId?: string(name='RuleId', description='The ID of the rule.', example='gr-acfo******hy6a'),
}

model CreateAutoGroupingRuleResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: CreateAutoGroupingRuleResponseBody(name='body'),
}

/**
 * @summary Creates a transfer rule. Custom transfer rules and transfer rules for associated resources are supported.
 *
 * @description You can create up to 10 custom transfer rules. Each custom transfer rule can contain up to 10 content records.
 *
 * @param request CreateAutoGroupingRuleRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return CreateAutoGroupingRuleResponse
 */
async function createAutoGroupingRuleWithOptions(request: CreateAutoGroupingRuleRequest, runtime: Util.RuntimeOptions): CreateAutoGroupingRuleResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.excludeRegionIdsScope)) {
    query['ExcludeRegionIdsScope'] = request.excludeRegionIdsScope;
  }
  if (!Util.isUnset(request.excludeResourceGroupIdsScope)) {
    query['ExcludeResourceGroupIdsScope'] = request.excludeResourceGroupIdsScope;
  }
  if (!Util.isUnset(request.excludeResourceIdsScope)) {
    query['ExcludeResourceIdsScope'] = request.excludeResourceIdsScope;
  }
  if (!Util.isUnset(request.excludeResourceTypesScope)) {
    query['ExcludeResourceTypesScope'] = request.excludeResourceTypesScope;
  }
  if (!Util.isUnset(request.regionIdsScope)) {
    query['RegionIdsScope'] = request.regionIdsScope;
  }
  if (!Util.isUnset(request.resourceGroupIdsScope)) {
    query['ResourceGroupIdsScope'] = request.resourceGroupIdsScope;
  }
  if (!Util.isUnset(request.resourceIdsScope)) {
    query['ResourceIdsScope'] = request.resourceIdsScope;
  }
  if (!Util.isUnset(request.resourceTypesScope)) {
    query['ResourceTypesScope'] = request.resourceTypesScope;
  }
  if (!Util.isUnset(request.ruleContents)) {
    query['RuleContents'] = request.ruleContents;
  }
  if (!Util.isUnset(request.ruleDesc)) {
    query['RuleDesc'] = request.ruleDesc;
  }
  if (!Util.isUnset(request.ruleName)) {
    query['RuleName'] = request.ruleName;
  }
  if (!Util.isUnset(request.ruleType)) {
    query['RuleType'] = request.ruleType;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'CreateAutoGroupingRule',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Creates a transfer rule. Custom transfer rules and transfer rules for associated resources are supported.
 *
 * @description You can create up to 10 custom transfer rules. Each custom transfer rule can contain up to 10 content records.
 *
 * @param request CreateAutoGroupingRuleRequest
 * @return CreateAutoGroupingRuleResponse
 */
async function createAutoGroupingRule(request: CreateAutoGroupingRuleRequest): CreateAutoGroupingRuleResponse {
  var runtime = new Util.RuntimeOptions{};
  return createAutoGroupingRuleWithOptions(request, runtime);
}

model CreateCloudAccountRequest {
  displayName?: string(name='DisplayName', description='The display name of the member account.

The name must be 2 to 50 characters in length and can contain letters, digits, underscores (_), periods (.), and hyphens (-).

The name must be unique in the current resource directory.

This parameter is required.', example='admin-****'),
  email?: string(name='Email', description='The email address used to log on to the cloud account.

This parameter is required.', example='someone@example.com'),
  parentFolderId?: string(name='ParentFolderId', description='The ID of the parent folder.', example='fd-bVaRIG****'),
  payerAccountId?: string(name='PayerAccountId', description='The ID of the settlement account. If you do not specify this parameter, the current account is used for settlement.', example='12323344****'),
}

model CreateCloudAccountResponseBody = {
  account?: {
    accountId?: string(name='AccountId', description='The ID of the member account.', example='12323344****'),
    accountName?: string(name='AccountName', description='The name of the member account.', example='someone@example.com'),
    displayName?: string(name='DisplayName', description='The display name of the member account.', example='admin-****'),
    folderId?: string(name='FolderId', description='The ID of the folder.', example='fd-bVaRIG****'),
    joinMethod?: string(name='JoinMethod', description='The way in which the member account joined the resource directory. Valid values:

*   invited: The member account is invited to join the resource directory.
*   created: The member account is directly created in the resource directory.', example='created'),
    modifyTime?: string(name='ModifyTime', description='The time when the member account was modified.', example='2015-01-23T12:33:18Z'),
    recordId?: string(name='RecordId', description='The account record ID.', example='06950264-3f0d-4ca9-82dd-6ee7a3d3****'),
    resourceDirectoryId?: string(name='ResourceDirectoryId', description='The ID of the resource directory.', example='rd-k3****'),
    status?: string(name='Status', description='The status of the member account. Valid values:

*   CreateSuccess: The member account is created.
*   CreateVerifying: The creation of the member account is under confirmation.
*   CreateFailed: The member account failed to be created.
*   CreateExpired: The creation of the member account expired.
*   CreateCancelled: The creation of the member account is canceled.
*   PromoteVerifying: The upgrade of the member account is under confirmation.
*   PromoteFailed: The member account failed to be upgraded.
*   PromoteExpired: The upgrade of the member account expired.
*   PromoteCancelled: The upgrade of the member account is canceled.
*   PromoteSuccess: The member account is upgraded.
*   InviteSuccess: The owner of the member account accepted the invitation.
*   Removed: The member account is removed from the resource directory.', example='CreateVerifying'),
    type?: string(name='Type', description='The type of the member account. The value CloudAccount indicates that the member account is a cloud account.', example='CloudAccount'),
  }(name='Account', description='The information of the member account.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='9B34724D-54B0-4A51-B34D-4512372FE1BE'),
}

model CreateCloudAccountResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: CreateCloudAccountResponseBody(name='body'),
}

/**
 * @summary 创建云账号
 *
 * @description A resource directory supports two types of member accounts: resource accounts and cloud accounts.
 * *   Resource account (recommended): A resource account is only used as a resource container and fully depends on a resource directory. Such member accounts are secure and easy-to-create. For more information about how to create a resource account, see [CreateResourceAccount](https://help.aliyun.com/document_detail/159392.html).
 * >  A resource account can be upgraded to a cloud account. For more information, see [PromoteResourceAccount](https://help.aliyun.com/document_detail/159395.html) .
 * *   Cloud account: A cloud account has all the features of an Alibaba Cloud account, including root permissions.
 *
 * @param request CreateCloudAccountRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return CreateCloudAccountResponse
 */
async function createCloudAccountWithOptions(request: CreateCloudAccountRequest, runtime: Util.RuntimeOptions): CreateCloudAccountResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.displayName)) {
    query['DisplayName'] = request.displayName;
  }
  if (!Util.isUnset(request.email)) {
    query['Email'] = request.email;
  }
  if (!Util.isUnset(request.parentFolderId)) {
    query['ParentFolderId'] = request.parentFolderId;
  }
  if (!Util.isUnset(request.payerAccountId)) {
    query['PayerAccountId'] = request.payerAccountId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'CreateCloudAccount',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary 创建云账号
 *
 * @description A resource directory supports two types of member accounts: resource accounts and cloud accounts.
 * *   Resource account (recommended): A resource account is only used as a resource container and fully depends on a resource directory. Such member accounts are secure and easy-to-create. For more information about how to create a resource account, see [CreateResourceAccount](https://help.aliyun.com/document_detail/159392.html).
 * >  A resource account can be upgraded to a cloud account. For more information, see [PromoteResourceAccount](https://help.aliyun.com/document_detail/159395.html) .
 * *   Cloud account: A cloud account has all the features of an Alibaba Cloud account, including root permissions.
 *
 * @param request CreateCloudAccountRequest
 * @return CreateCloudAccountResponse
 */
async function createCloudAccount(request: CreateCloudAccountRequest): CreateCloudAccountResponse {
  var runtime = new Util.RuntimeOptions{};
  return createCloudAccountWithOptions(request, runtime);
}

model CreateControlPolicyRequest {
  description?: string(name='Description', description='The description of the access control policy.

The description must be 1 to 1,024 characters in length. The description can contain letters, digits, underscores (_), and hyphens (-) and must start with a letter.', example='ExampleControlPolicy'),
  effectScope?: string(name='EffectScope', description='The effective scope of the access control policy.

The value RAM indicates that the access control policy takes effect only for RAM users and RAM roles.

This parameter is required.', example='RAM'),
  policyDocument?: string(name='PolicyDocument', description='The document of the access control policy.

The document can be a maximum of 4,096 characters in length.

For more information about the languages of access control policies, see [Languages of access control policies](https://help.aliyun.com/document_detail/179096.html).

For more information about the examples of access control policies, see [Examples of custom access control policies](https://help.aliyun.com/document_detail/181474.html).

This parameter is required.', example='{"Version":"1","Statement":[{"Effect":"Deny","Action":["ram:UpdateRole","ram:DeleteRole","ram:AttachPolicyToRole","ram:DetachPolicyFromRole"],"Resource":"acs:ram:*:*:role/ResourceDirectoryAccountAccessRole"}]}'),
  policyName?: string(name='PolicyName', description='The name of the access control policy.

The name must be 1 to 128 characters in length. The name can contain letters, digits, and hyphens (-) and must start with a letter.

This parameter is required.', example='ExampleControlPolicy'),
}

model CreateControlPolicyResponseBody = {
  controlPolicy?: {
    attachmentCount?: string(name='AttachmentCount', description='The number of times that the access control policy is referenced.', example='0'),
    createDate?: string(name='CreateDate', description='The time when the access control policy was created.', example='2021-03-18T09:24:19Z'),
    description?: string(name='Description', description='The description of the access control policy.', example='ExampleControlPolicy'),
    effectScope?: string(name='EffectScope', description='The effective scope of the access control policy.

The value RAM indicates that the access control policy takes effect only for RAM users and RAM roles.', example='RAM'),
    policyId?: string(name='PolicyId', description='The ID of the access control policy.', example='cp-jExXAqIYkwHN****'),
    policyName?: string(name='PolicyName', description='The name of the access control policy.', example='ExampleControlPolicy'),
    policyType?: string(name='PolicyType', description='The type of the access control policy. Valid values:

*   System: system access control policy
*   Custom: custom access control policy', example='Custom'),
    updateDate?: string(name='UpdateDate', description='The time when the access control policy was updated.', example='2021-03-18T09:24:19Z'),
  }(name='ControlPolicy', description='The details of the access control policy.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='776B05B3-A0B0-464B-A191-F4E1119A94B2'),
}

model CreateControlPolicyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: CreateControlPolicyResponseBody(name='body'),
}

/**
 * @description This topic provides an example on how to call the API operation to create a custom access control policy named `ExampleControlPolicy`. This access control policy is used to prohibit modifications to the ResourceDirectoryAccountAccessRole role and the permissions of the role.
 *
 * @param request CreateControlPolicyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return CreateControlPolicyResponse
 */
async function createControlPolicyWithOptions(request: CreateControlPolicyRequest, runtime: Util.RuntimeOptions): CreateControlPolicyResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.description)) {
    query['Description'] = request.description;
  }
  if (!Util.isUnset(request.effectScope)) {
    query['EffectScope'] = request.effectScope;
  }
  if (!Util.isUnset(request.policyDocument)) {
    query['PolicyDocument'] = request.policyDocument;
  }
  if (!Util.isUnset(request.policyName)) {
    query['PolicyName'] = request.policyName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'CreateControlPolicy',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @description This topic provides an example on how to call the API operation to create a custom access control policy named `ExampleControlPolicy`. This access control policy is used to prohibit modifications to the ResourceDirectoryAccountAccessRole role and the permissions of the role.
 *
 * @param request CreateControlPolicyRequest
 * @return CreateControlPolicyResponse
 */
async function createControlPolicy(request: CreateControlPolicyRequest): CreateControlPolicyResponse {
  var runtime = new Util.RuntimeOptions{};
  return createControlPolicyWithOptions(request, runtime);
}

model CreateFolderRequest {
  folderName?: string(name='FolderName', description='The name of the folder.

The name must be 1 to 24 characters in length and can contain letters, digits, underscores (_), periods (.),and hyphens (-).

This parameter is required.', example='rdFolder'),
  parentFolderId?: string(name='ParentFolderId', description='The ID of the parent folder.', example='r-b1****'),
}

model CreateFolderResponseBody = {
  folder?: {
    createTime?: string(name='CreateTime', description='The time when the folder was created.', example='2019-02-19T09:34:50.757Z'),
    folderId?: string(name='FolderId', description='The ID of the folder.', example='fd-u8B321****'),
    folderName?: string(name='FolderName', description='The name of the folder.', example='rdFolder'),
    parentFolderId?: string(name='ParentFolderId', description='The ID of the parent folder.', example='r-b1****'),
  }(name='Folder', description='The information of the folder.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='C2CBCA30-C8DD-423E-B4AD-4FB694C9180C'),
}

model CreateFolderResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: CreateFolderResponseBody(name='body'),
}

/**
 * @description >  A maximum of five levels of folders can be created under the root folder.
 * In this example, a folder named `rdFolder` is created under the root folder.
 *
 * @param request CreateFolderRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return CreateFolderResponse
 */
async function createFolderWithOptions(request: CreateFolderRequest, runtime: Util.RuntimeOptions): CreateFolderResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.folderName)) {
    query['FolderName'] = request.folderName;
  }
  if (!Util.isUnset(request.parentFolderId)) {
    query['ParentFolderId'] = request.parentFolderId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'CreateFolder',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @description >  A maximum of five levels of folders can be created under the root folder.
 * In this example, a folder named `rdFolder` is created under the root folder.
 *
 * @param request CreateFolderRequest
 * @return CreateFolderResponse
 */
async function createFolder(request: CreateFolderRequest): CreateFolderResponse {
  var runtime = new Util.RuntimeOptions{};
  return createFolderWithOptions(request, runtime);
}

model CreatePolicyRequest {
  description?: string(name='Description', description='The description of the policy.

The description must be 1 to 1,024 characters in length.', example='OSS administrator'),
  policyDocument?: string(name='PolicyDocument', description='The document of the policy.

The document must be 1 to 2,048 characters in length.

This parameter is required.', example='{ "Statement": [{ "Action": ["oss:*"], "Effect": "Allow", "Resource": ["acs:oss:*:*:*"]}], "Version": "1"}'),
  policyName?: string(name='PolicyName', description='The name of the policy.

The name must be 1 to 128 characters in length and can contain letters, digits, and hyphens (-).

This parameter is required.', example='OSS-Administrator'),
}

model CreatePolicyResponseBody = {
  policy?: {
    createDate?: string(name='CreateDate', description='The time when the policy was created.', example='2015-01-23T12:33:18Z'),
    defaultVersion?: string(name='DefaultVersion', description='The version number of the policy. Default value: v1.', example='v1'),
    description?: string(name='Description', description='The description of the policy.', example='OSS administrator'),
    policyName?: string(name='PolicyName', description='The name of the policy.', example='OSS-Administrator'),
    policyType?: string(name='PolicyType', description='The type of the policy. Valid values:

*   Custom: custom policy
*   System: system policy', example='Custom'),
  }(name='Policy', description='The information of the policy.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='9B34724D-54B0-4A51-B34D-4512372FE1BE'),
}

model CreatePolicyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: CreatePolicyResponseBody(name='body'),
}

/**
 * @summary Creates a policy.
 *
 * @param request CreatePolicyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return CreatePolicyResponse
 */
async function createPolicyWithOptions(request: CreatePolicyRequest, runtime: Util.RuntimeOptions): CreatePolicyResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.description)) {
    query['Description'] = request.description;
  }
  if (!Util.isUnset(request.policyDocument)) {
    query['PolicyDocument'] = request.policyDocument;
  }
  if (!Util.isUnset(request.policyName)) {
    query['PolicyName'] = request.policyName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'CreatePolicy',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Creates a policy.
 *
 * @param request CreatePolicyRequest
 * @return CreatePolicyResponse
 */
async function createPolicy(request: CreatePolicyRequest): CreatePolicyResponse {
  var runtime = new Util.RuntimeOptions{};
  return createPolicyWithOptions(request, runtime);
}

model CreatePolicyVersionRequest {
  policyDocument?: string(name='PolicyDocument', description='The document of the policy.

The document must be 1 to 2,048 characters in length.

This parameter is required.', example='{ "Statement": [{ "Action": ["oss:*"], "Effect": "Allow", "Resource": ["acs:oss:*:*:*"]}], "Version": "1"}'),
  policyName?: string(name='PolicyName', description='The name of the policy.

The name must be 1 to 128 characters in length and can contain letters, digits, and hyphens (-).

This parameter is required.', example='OSS-Administrator'),
  setAsDefault?: boolean(name='SetAsDefault', description='Specifies whether to set the policy version as the default version. Valid values:

*   false: The policy version is not set as the default version.
*   true: The policy version is set as the default version.

Default value: false.', example='false'),
}

model CreatePolicyVersionResponseBody = {
  policyVersion?: {
    createDate?: string(name='CreateDate', description='The time when the policy version was created.', example='2015-01-23T12:33:18'),
    isDefaultVersion?: boolean(name='IsDefaultVersion', description='Indicates whether the policy version is the default version.', example='false'),
    versionId?: string(name='VersionId', description='The ID of the policy version.', example='v3'),
  }(name='PolicyVersion', description='The information of the policy version.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='9B34724D-54B0-4A51-B34D-4512372FE1BE'),
}

model CreatePolicyVersionResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: CreatePolicyVersionResponseBody(name='body'),
}

/**
 * @summary 创建权限策略版本
 *
 * @param request CreatePolicyVersionRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return CreatePolicyVersionResponse
 */
async function createPolicyVersionWithOptions(request: CreatePolicyVersionRequest, runtime: Util.RuntimeOptions): CreatePolicyVersionResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.policyDocument)) {
    query['PolicyDocument'] = request.policyDocument;
  }
  if (!Util.isUnset(request.policyName)) {
    query['PolicyName'] = request.policyName;
  }
  if (!Util.isUnset(request.setAsDefault)) {
    query['SetAsDefault'] = request.setAsDefault;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'CreatePolicyVersion',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary 创建权限策略版本
 *
 * @param request CreatePolicyVersionRequest
 * @return CreatePolicyVersionResponse
 */
async function createPolicyVersion(request: CreatePolicyVersionRequest): CreatePolicyVersionResponse {
  var runtime = new Util.RuntimeOptions{};
  return createPolicyVersionWithOptions(request, runtime);
}

model CreateResourceAccountRequest {
  accountNamePrefix?: string(name='AccountNamePrefix', description='The prefix for the Alibaba Cloud account name of the member. If you leave this parameter empty, the system randomly generates a prefix.

The prefix must be 2 to 37 characters in length.

The prefix can contain letters, digits, and special characters but cannot contain consecutive special characters. The prefix must start with a letter or digit and end with a letter or digit. Valid special characters include underscores (`_`), periods (`.`), and hyphens (-).

The complete Alibaba Cloud account name of a member is in the @.aliyunid.com format, such as `alice@rd-3G****.aliyunid.com`.

Each name must be unique in the resource directory.', example='alice'),
  displayName?: string(name='DisplayName', description='The display name of the member.

The name must be 2 to 50 characters in length.

The name can contain letters, digits, underscores (_), periods (.), hyphens (-), and spaces.

The name must be unique in the resource directory.

This parameter is required.', example='Dev'),
  parentFolderId?: string(name='ParentFolderId', description='The ID of the parent folder.', example='fd-r23M55****'),
  payerAccountId?: string(name='PayerAccountId', description='The ID of the billing account. If you leave this parameter empty, the newly created member is used as its billing account.', example='12323344****'),
  resellAccountType?: string(name='ResellAccountType', description='The identity type of the member. Valid values:

*   resell (default): The member is an account for a reseller. A relationship is automatically established between the member and the reseller. The management account of the resource directory must be used as the billing account of the member.
*   non_resell: The member is not an account for a reseller. The member is an account that is not associated with a reseller. You can directly use the account to purchase Alibaba Cloud resources. The member is used as its own billing account.

>  This parameter is available only for resellers at the international site (alibabacloud.com).', example='resell'),
  tag?: [ 
    {
      key?: string(name='Key', description='The tag key.', example='k1'),
      value?: string(name='Value', description='The tag value.', example='v1'),
    }
  ](name='Tag', description='The tag of the member.'),
}

model CreateResourceAccountResponseBody = {
  account?: {
    accountId?: string(name='AccountId', description='The ID of the member.', example='112730938585****'),
    accountName?: string(name='AccountName', description='The Alibaba Cloud account ID of the member.', example='alice@rd-3g****.aliyunid.com'),
    displayName?: string(name='DisplayName', description='The display name of the member.', example='Dev'),
    folderId?: string(name='FolderId', description='The ID of the folder.', example='fd-r23M55****'),
    joinMethod?: string(name='JoinMethod', description='The way in which the member joins the resource directory. Valid values:

*   invited: The member is invited to join the resource directory.
*   created: The member is directly created in the resource directory.', example='created'),
    joinTime?: string(name='JoinTime', description='The time when the member joined the resource directory. The time is displayed in UTC.', example='2020-12-31T03:37:39.456Z'),
    modifyTime?: string(name='ModifyTime', description='The time when the member was modified. The time is displayed in UTC.', example='2020-12-31T03:37:39.456Z'),
    resourceDirectoryId?: string(name='ResourceDirectoryId', description='The ID of the resource directory.', example='rd-3G****'),
    status?: string(name='Status', description='The status of the member. The value CreateSuccess indicates that the member is created.', example='CreateSuccess'),
    type?: string(name='Type', description='The type of the member. The value ResourceAccount indicates that the member is a resource account.', example='ResourceAccount'),
  }(name='Account', description='The information about the member.'),
  requestId?: string(name='RequestId', description='The request ID.', example='B356A415-D860-43E5-865A-E2193D62BBD6'),
}

model CreateResourceAccountResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: CreateResourceAccountResponseBody(name='body'),
}

/**
 * @summary Creates a member of the resource account type.
 *
 * @description A member serves as a container for resources and is also an organizational unit in a resource directory. A member indicates a project or application. The resources of different members are isolated.
 *
 * @param request CreateResourceAccountRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return CreateResourceAccountResponse
 */
async function createResourceAccountWithOptions(request: CreateResourceAccountRequest, runtime: Util.RuntimeOptions): CreateResourceAccountResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.accountNamePrefix)) {
    query['AccountNamePrefix'] = request.accountNamePrefix;
  }
  if (!Util.isUnset(request.displayName)) {
    query['DisplayName'] = request.displayName;
  }
  if (!Util.isUnset(request.parentFolderId)) {
    query['ParentFolderId'] = request.parentFolderId;
  }
  if (!Util.isUnset(request.payerAccountId)) {
    query['PayerAccountId'] = request.payerAccountId;
  }
  if (!Util.isUnset(request.resellAccountType)) {
    query['ResellAccountType'] = request.resellAccountType;
  }
  if (!Util.isUnset(request.tag)) {
    query['Tag'] = request.tag;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'CreateResourceAccount',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Creates a member of the resource account type.
 *
 * @description A member serves as a container for resources and is also an organizational unit in a resource directory. A member indicates a project or application. The resources of different members are isolated.
 *
 * @param request CreateResourceAccountRequest
 * @return CreateResourceAccountResponse
 */
async function createResourceAccount(request: CreateResourceAccountRequest): CreateResourceAccountResponse {
  var runtime = new Util.RuntimeOptions{};
  return createResourceAccountWithOptions(request, runtime);
}

model CreateResourceGroupRequest {
  displayName?: string(name='DisplayName', description='The display name of the resource group.

The name must be 1 to 50 characters in length.

This parameter is required.', example='my-project'),
  name?: string(name='Name', description='The unique identifier of the resource group.

The identifier must be 3 to 50 characters in length and can contain letters, digits, and hyphens (-). The identifier must start with a letter.

This parameter is required.', example='my-project'),
  tag?: [ 
    {
      key?: string(name='Key', description='The key of the tag. 

The tag key can be up to 128 characters in length and cannot contain `http://` or `https://`. The tag key cannot start with `acs:` or `aliyun`.', example='k1'),
      value?: string(name='Value', description='The value of the tag. 

The tag value can be up to 128 characters in length and cannot contain `http://` or `https://`. The tag key cannot start with `acs:` or `aliyun`.', example='v1'),
    }
  ](name='Tag', description='The tags.'),
}

model CreateResourceGroupResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='04F0F334-1335-436C-A1D7-6C044FE73368'),
  resourceGroup?: {
    accountId?: string(name='AccountId', description='The ID of the Alibaba Cloud account to which the resource group belongs.', example='151266687691****'),
    createDate?: string(name='CreateDate', description='The time when the resource group was created. The time is displayed in UTC.', example='2021-06-05T14:39:13+08:00'),
    displayName?: string(name='DisplayName', description='The display name of the resource group.', example='my-project'),
    id?: string(name='Id', description='The ID of the resource group.', example='rg-9gLOoK****'),
    name?: string(name='Name', description='The unique identifier of the resource group.', example='my-project'),
    regionStatuses?: {
      regionStatus?: [ 
      {
        regionId?: string(name='RegionId', description='The region ID.', example='cn-qingdao'),
        status?: string(name='Status', description='The status of the resource group. Valid values:

*   Creating: The resource group is being created.
*   OK: The resource group is created.', example='Creating'),
      }
    ](name='RegionStatus')
    }(name='RegionStatuses', description='The status of the resource group in all regions.'),
    status?: string(name='Status', description='The status of the resource group. Valid values:

*   Creating: The resource group is being created.
*   OK: The resource group is created.', example='Creating'),
  }(name='ResourceGroup', description='The information of the resource group.'),
}

model CreateResourceGroupResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: CreateResourceGroupResponseBody(name='body'),
}

/**
 * @summary Creates a resource group.
 *
 * @description >  A maximum of 30 resource groups can be created within an Alibaba Cloud account.
 *
 * @param request CreateResourceGroupRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return CreateResourceGroupResponse
 */
async function createResourceGroupWithOptions(request: CreateResourceGroupRequest, runtime: Util.RuntimeOptions): CreateResourceGroupResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.displayName)) {
    query['DisplayName'] = request.displayName;
  }
  if (!Util.isUnset(request.name)) {
    query['Name'] = request.name;
  }
  if (!Util.isUnset(request.tag)) {
    query['Tag'] = request.tag;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'CreateResourceGroup',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Creates a resource group.
 *
 * @description >  A maximum of 30 resource groups can be created within an Alibaba Cloud account.
 *
 * @param request CreateResourceGroupRequest
 * @return CreateResourceGroupResponse
 */
async function createResourceGroup(request: CreateResourceGroupRequest): CreateResourceGroupResponse {
  var runtime = new Util.RuntimeOptions{};
  return createResourceGroupWithOptions(request, runtime);
}

model CreateRoleRequest {
  assumeRolePolicyDocument?: string(name='AssumeRolePolicyDocument', description='The document of the policy that specifies one or more trusted entities to assume the RAM role. The trusted entities can be Alibaba Cloud accounts, Alibaba Cloud services, or identity providers (IdPs).

>  RAM users cannot assume the RAM roles of trusted Alibaba Cloud services.

This parameter is required.', example='{ "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "RAM": "acs:ram::12345678901234****:root" } } ], "Version": "1" }'),
  description?: string(name='Description', description='The description of the RAM role.

The description must be 1 to 1,024 characters in length.', example='ECS administrator'),
  maxSessionDuration?: long(name='MaxSessionDuration', description='The maximum session duration of the RAM role.

Unit: seconds. Valid values: 3600 to 43200. Default value: 3600.

If you do not specify this parameter, the default value is used.', example='3600'),
  roleName?: string(name='RoleName', description='The name of the RAM role.

The name must be 1 to 64 characters in length and can contain letters, digits, periods (.), and hyphens (-).

This parameter is required.', example='ECSAdmin'),
}

model CreateRoleResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='04F0F334-1335-436C-A1D7-6C044FE73368'),
  role?: {
    arn?: string(name='Arn', description='The Alibaba Cloud Resource Name (ARN) of the RAM role.', example='acs:ram::123456789012****:role/ECSAdmin'),
    assumeRolePolicyDocument?: string(name='AssumeRolePolicyDocument', description='The document of the policy that specifies the trusted entity to assume the RAM role.', example='{ \\\\"Statement\\\\": [ { \\\\"Action\\\\": \\\\"sts:AssumeRole\\\\", \\\\"Effect\\\\": \\\\"Allow\\\\", \\\\"Principal\\\\": { \\\\"RAM\\\\": \\\\"acs:ram::12345678901234****:root\\\\" } } ], \\\\"Version\\\\": \\\\"1\\\\" }'),
    createDate?: string(name='CreateDate', description='The time when the RAM role was created.', example='2015-01-23T12:33:18Z'),
    description?: string(name='Description', description='The description of the RAM role.', example='ECS administrator'),
    maxSessionDuration?: long(name='MaxSessionDuration', description='The maximum session duration of the RAM role.', example='3600'),
    roleId?: string(name='RoleId', description='The ID of the RAM role.', example='90123456789****'),
    roleName?: string(name='RoleName', description='The name of the RAM role.', example='ECSAdmin'),
    rolePrincipalName?: string(name='RolePrincipalName', description='The name of the RAM role after authorization.', example='ECSAdmin@role.123456.onaliyunservice.com'),
  }(name='Role', description='The information of the RAM role.'),
}

model CreateRoleResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: CreateRoleResponseBody(name='body'),
}

/**
 * @summary Creates a RAM role.
 *
 * @param request CreateRoleRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return CreateRoleResponse
 */
async function createRoleWithOptions(request: CreateRoleRequest, runtime: Util.RuntimeOptions): CreateRoleResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.assumeRolePolicyDocument)) {
    query['AssumeRolePolicyDocument'] = request.assumeRolePolicyDocument;
  }
  if (!Util.isUnset(request.description)) {
    query['Description'] = request.description;
  }
  if (!Util.isUnset(request.maxSessionDuration)) {
    query['MaxSessionDuration'] = request.maxSessionDuration;
  }
  if (!Util.isUnset(request.roleName)) {
    query['RoleName'] = request.roleName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'CreateRole',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Creates a RAM role.
 *
 * @param request CreateRoleRequest
 * @return CreateRoleResponse
 */
async function createRole(request: CreateRoleRequest): CreateRoleResponse {
  var runtime = new Util.RuntimeOptions{};
  return createRoleWithOptions(request, runtime);
}

model CreateServiceLinkedRoleRequest {
  customSuffix?: string(name='CustomSuffix', description='The suffix of the role name.

The role name (including its suffix) must be 1 to 64 characters in length and can contain letters, digits, periods (.), and hyphens (-).

For example, if the suffix is `Example`, the role name is `ServiceLinkedRoleName_Example`.', example='Example'),
  description?: string(name='Description', description='The description of the service-linked role.

You must configure this parameter for service-linked roles that support custom suffixes. Otherwise, the preset value is used and cannot be modified.

The description must be 1 to 1,024 characters in length.', example='Service Linked Role for PolarDB. PolarDB will use this role to access your resources in other services.'),
  serviceName?: string(name='ServiceName', description='The name of the service.

For more information about the service name, see [Alibaba Cloud services that support service-linked roles](https://help.aliyun.com/document_detail/461722.html).

This parameter is required.', example='polardb.aliyuncs.com'),
}

model CreateServiceLinkedRoleResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='FE58D7CF-03BC-432A-B42D-BC3390C8C2E1'),
  role?: {
    arn?: string(name='Arn', description='The Alibaba Cloud Resource Name (ARN) of the role.', example='acs:ram::177242285274****:role/aliyunserviceroleforpolardb'),
    assumeRolePolicyDocument?: string(name='AssumeRolePolicyDocument', description='The document of the trust policy for the role.', example='{\\\\"Statement\\\\":[{\\\\"Action\\\\":\\\\"sts:AssumeRole\\\\",\\\\"Effect\\\\":\\\\"Allow\\\\",\\\\"Principal\\\\":{\\\\"Service\\\\":[\\\\"polardb.aliyuncs.com\\\\"]}}],\\\\"Version\\\\":\\\\"1\\\\"}'),
    createDate?: string(name='CreateDate', description='The time when the role was created. The time is displayed in UTC.', example='2020-06-30T08:14:16Z'),
    description?: string(name='Description', description='The description of the role.', example='Service Linked Role for PolarDB. PolarDB will use this role to access your resources in other services.'),
    isServiceLinkedRole?: boolean(name='IsServiceLinkedRole', description='Indicates whether the role is a service-linked role. Valid values:

*   true: The role is a service-linked role.
*   false: The role is not a service-linked role.', example='true'),
    roleId?: string(name='RoleId', description='The ID of the role.', example='32833240981067****'),
    roleName?: string(name='RoleName', description='The name of the role.', example='AliyunServiceRoleForPolarDB'),
    rolePrincipalName?: string(name='RolePrincipalName', description='The role name that uses a domain name as the suffix.', example='AliyunServiceRoleForPolarDB@role.test.onaliyunservice.com'),
  }(name='Role', description='The information about the role.'),
}

model CreateServiceLinkedRoleResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: CreateServiceLinkedRoleResponseBody(name='body'),
}

/**
 * @summary 创建服务关联角色
 *
 * @param request CreateServiceLinkedRoleRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return CreateServiceLinkedRoleResponse
 */
async function createServiceLinkedRoleWithOptions(request: CreateServiceLinkedRoleRequest, runtime: Util.RuntimeOptions): CreateServiceLinkedRoleResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.customSuffix)) {
    query['CustomSuffix'] = request.customSuffix;
  }
  if (!Util.isUnset(request.description)) {
    query['Description'] = request.description;
  }
  if (!Util.isUnset(request.serviceName)) {
    query['ServiceName'] = request.serviceName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'CreateServiceLinkedRole',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary 创建服务关联角色
 *
 * @param request CreateServiceLinkedRoleRequest
 * @return CreateServiceLinkedRoleResponse
 */
async function createServiceLinkedRole(request: CreateServiceLinkedRoleRequest): CreateServiceLinkedRoleResponse {
  var runtime = new Util.RuntimeOptions{};
  return createServiceLinkedRoleWithOptions(request, runtime);
}

model DeclineHandshakeRequest {
  handshakeId?: string(name='HandshakeId', description='The ID of the invitation.

This parameter is required.', example='h-ycm4rp****'),
}

model DeclineHandshakeResponseBody = {
  handshake?: {
    createTime?: string(name='CreateTime', description='The time when the invitation was created.', example='2018-08-10T09:55:41Z'),
    expireTime?: string(name='ExpireTime', description='The time when the invitation expires.', example='2018-08-10T09:55:41Z'),
    handshakeId?: string(name='HandshakeId', description='The ID of the invitation.', example='h-ycm4rp****'),
    masterAccountId?: string(name='MasterAccountId', description='The ID of the enterprise management account of the resource directory.', example='172841235500****'),
    masterAccountName?: string(name='MasterAccountName', description='The name of the enterprise management account of the resource directory.', example='Alice'),
    modifyTime?: string(name='ModifyTime', description='The time when the invitation was modified.', example='2018-08-10T09:55:41Z'),
    note?: string(name='Note', description='The invitation note.', example='Welcome'),
    resourceDirectoryId?: string(name='ResourceDirectoryId', description='The ID of the resource directory.', example='rd-abcdef****'),
    status?: string(name='Status', description='The status of the invitation. Valid values:

*   Pending: The invitation is waiting for confirmation.
*   Accepted: The invitation is accepted.
*   Cancelled: The invitation is canceled.
*   Declined: The invitation is rejected.
*   Expired: The invitation expired.', example='Declined'),
    targetEntity?: string(name='TargetEntity', description='The ID or logon email address of the invited account.', example='someone@example.com'),
    targetType?: string(name='TargetType', description='The type of the invited account. Valid values:

*   Account: indicates the ID of the account.
*   Email: indicates the logon email address of the account.', example='Email'),
  }(name='Handshake', description='The information of the invitation.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='9B34724D-54B0-4A51-B34D-4512372FE1BE'),
}

model DeclineHandshakeResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DeclineHandshakeResponseBody(name='body'),
}

/**
 * @summary Rejects an invitation.
 *
 * @param request DeclineHandshakeRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DeclineHandshakeResponse
 */
async function declineHandshakeWithOptions(request: DeclineHandshakeRequest, runtime: Util.RuntimeOptions): DeclineHandshakeResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.handshakeId)) {
    query['HandshakeId'] = request.handshakeId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DeclineHandshake',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Rejects an invitation.
 *
 * @param request DeclineHandshakeRequest
 * @return DeclineHandshakeResponse
 */
async function declineHandshake(request: DeclineHandshakeRequest): DeclineHandshakeResponse {
  var runtime = new Util.RuntimeOptions{};
  return declineHandshakeWithOptions(request, runtime);
}

model DeleteAccountRequest {
  abandonableCheckId?: [ string ](name='AbandonableCheckId'),
  accountId?: string(name='AccountId', description='The type of the deletion. Valid values:

*   0: direct deletion. If the member does not have pay-as-you-go resources that are purchased within the previous 30 days, the system directly deletes the member.
*   1: deletion with a silence period. If the member has pay-as-you-go resources that are purchased within the previous 30 days, the member enters a silence period of 45 days. The system starts to delete the member until the silence period ends. For more information about the silence period, see [What is the silence period for member deletion?](https://help.aliyun.com/document_detail/446079.html)

This parameter is required.', example='169946124551****'),
}

model DeleteAccountShrinkRequest {
  abandonableCheckIdShrink?: string(name='AbandonableCheckId'),
  accountId?: string(name='AccountId', description='The type of the deletion. Valid values:

*   0: direct deletion. If the member does not have pay-as-you-go resources that are purchased within the previous 30 days, the system directly deletes the member.
*   1: deletion with a silence period. If the member has pay-as-you-go resources that are purchased within the previous 30 days, the member enters a silence period of 45 days. The system starts to delete the member until the silence period ends. For more information about the silence period, see [What is the silence period for member deletion?](https://help.aliyun.com/document_detail/446079.html)

This parameter is required.', example='169946124551****'),
}

model DeleteAccountResponseBody = {
  deletionType?: string(name='DeletionType', example='0'),
  requestId?: string(name='RequestId', example='009429F8-C1C0-5872-B674-A6C2333B9647'),
}

model DeleteAccountResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DeleteAccountResponseBody(name='body'),
}

/**
 * @summary 账号一键删除
 *
 * @description The ID of the member that you want to delete.
 *
 * @param tmpReq DeleteAccountRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DeleteAccountResponse
 */
async function deleteAccountWithOptions(tmpReq: DeleteAccountRequest, runtime: Util.RuntimeOptions): DeleteAccountResponse {
  Util.validateModel(tmpReq);
  var request = new DeleteAccountShrinkRequest{};
  OpenApiUtil.convert(tmpReq, request);
  if (!Util.isUnset(tmpReq.abandonableCheckId)) {
    request.abandonableCheckIdShrink = OpenApiUtil.arrayToStringWithSpecifiedStyle(tmpReq.abandonableCheckId, 'AbandonableCheckId', 'json');
  }
  var query = {};
  if (!Util.isUnset(request.abandonableCheckIdShrink)) {
    query['AbandonableCheckId'] = request.abandonableCheckIdShrink;
  }
  if (!Util.isUnset(request.accountId)) {
    query['AccountId'] = request.accountId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DeleteAccount',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary 账号一键删除
 *
 * @description The ID of the member that you want to delete.
 *
 * @param request DeleteAccountRequest
 * @return DeleteAccountResponse
 */
async function deleteAccount(request: DeleteAccountRequest): DeleteAccountResponse {
  var runtime = new Util.RuntimeOptions{};
  return deleteAccountWithOptions(request, runtime);
}

model DeleteAutoGroupingRuleRequest {
  ruleId?: string(name='RuleId', description='The ID of the rule.

This parameter is required.', example='gr-acfo******hy6a'),
}

model DeleteAutoGroupingRuleResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='9B34724D-54B0-4A51-B34D-4512372FE1BE'),
}

model DeleteAutoGroupingRuleResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DeleteAutoGroupingRuleResponseBody(name='body'),
}

/**
 * @summary Deletes a transfer rule.
 *
 * @param request DeleteAutoGroupingRuleRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DeleteAutoGroupingRuleResponse
 */
async function deleteAutoGroupingRuleWithOptions(request: DeleteAutoGroupingRuleRequest, runtime: Util.RuntimeOptions): DeleteAutoGroupingRuleResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.ruleId)) {
    query['RuleId'] = request.ruleId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DeleteAutoGroupingRule',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Deletes a transfer rule.
 *
 * @param request DeleteAutoGroupingRuleRequest
 * @return DeleteAutoGroupingRuleResponse
 */
async function deleteAutoGroupingRule(request: DeleteAutoGroupingRuleRequest): DeleteAutoGroupingRuleResponse {
  var runtime = new Util.RuntimeOptions{};
  return deleteAutoGroupingRuleWithOptions(request, runtime);
}

model DeleteControlPolicyRequest {
  policyId?: string(name='PolicyId', description='The ID of the control policy.

This parameter is required.', example='cp-SImPt8GCEwiq****'),
}

model DeleteControlPolicyResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='C8541E06-B207-46BF-92C9-DC8DE4609D75'),
}

model DeleteControlPolicyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DeleteControlPolicyResponseBody(name='body'),
}

/**
 * @summary 删除管控策略
 *
 * @description If you want to delete a custom control policy that is attached to folders or member accounts, you must call the [DetachControlPolicy](https://help.aliyun.com/document_detail/208331.html) operation to detach the policy before you delete it.
 * In this example, the custom control policy `cp-SImPt8GCEwiq****` is deleted.
 *
 * @param request DeleteControlPolicyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DeleteControlPolicyResponse
 */
async function deleteControlPolicyWithOptions(request: DeleteControlPolicyRequest, runtime: Util.RuntimeOptions): DeleteControlPolicyResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.policyId)) {
    query['PolicyId'] = request.policyId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DeleteControlPolicy',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary 删除管控策略
 *
 * @description If you want to delete a custom control policy that is attached to folders or member accounts, you must call the [DetachControlPolicy](https://help.aliyun.com/document_detail/208331.html) operation to detach the policy before you delete it.
 * In this example, the custom control policy `cp-SImPt8GCEwiq****` is deleted.
 *
 * @param request DeleteControlPolicyRequest
 * @return DeleteControlPolicyResponse
 */
async function deleteControlPolicy(request: DeleteControlPolicyRequest): DeleteControlPolicyResponse {
  var runtime = new Util.RuntimeOptions{};
  return deleteControlPolicyWithOptions(request, runtime);
}

model DeleteFolderRequest {
  folderId?: string(name='FolderId', description='The ID of the folder.

This parameter is required.', example='fd-ae1in7****'),
}

model DeleteFolderResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='9B34724D-54B0-4A51-B34D-4512372FE1BE'),
}

model DeleteFolderResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DeleteFolderResponseBody(name='body'),
}

/**
 * @description >  Before you delete a folder, make sure that the folder does not contain any member accounts or child folders.
 *
 * @param request DeleteFolderRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DeleteFolderResponse
 */
async function deleteFolderWithOptions(request: DeleteFolderRequest, runtime: Util.RuntimeOptions): DeleteFolderResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.folderId)) {
    query['FolderId'] = request.folderId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DeleteFolder',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @description >  Before you delete a folder, make sure that the folder does not contain any member accounts or child folders.
 *
 * @param request DeleteFolderRequest
 * @return DeleteFolderResponse
 */
async function deleteFolder(request: DeleteFolderRequest): DeleteFolderResponse {
  var runtime = new Util.RuntimeOptions{};
  return deleteFolderWithOptions(request, runtime);
}

model DeletePolicyRequest {
  policyName?: string(name='PolicyName', description='The name of the policy.

The name must be 1 to 128 characters in length and can contain letters, digits, and hyphens (-).

This parameter is required.', example='OSS-Administrator'),
}

model DeletePolicyResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='898FAB24-7509-43EE-A287-086FE4C44394'),
}

model DeletePolicyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DeletePolicyResponseBody(name='body'),
}

/**
 * @summary 删除权限策略
 *
 * @description > 
 * *   Before you delete a policy, you must delete all non-default versions of the policy. For more information about how to delete a policy version, see [DeletePolicyVersion](https://help.aliyun.com/document_detail/159041.html).
 * *   Before you delete a policy, make sure that the policy is not referenced. This means that the policy is not attached to RAM users, RAM user groups, or RAM roles. For more information about how to detach a policy, see [DetachPolicy](https://help.aliyun.com/document_detail/159168.html).
 *
 * @param request DeletePolicyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DeletePolicyResponse
 */
async function deletePolicyWithOptions(request: DeletePolicyRequest, runtime: Util.RuntimeOptions): DeletePolicyResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.policyName)) {
    query['PolicyName'] = request.policyName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DeletePolicy',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary 删除权限策略
 *
 * @description > 
 * *   Before you delete a policy, you must delete all non-default versions of the policy. For more information about how to delete a policy version, see [DeletePolicyVersion](https://help.aliyun.com/document_detail/159041.html).
 * *   Before you delete a policy, make sure that the policy is not referenced. This means that the policy is not attached to RAM users, RAM user groups, or RAM roles. For more information about how to detach a policy, see [DetachPolicy](https://help.aliyun.com/document_detail/159168.html).
 *
 * @param request DeletePolicyRequest
 * @return DeletePolicyResponse
 */
async function deletePolicy(request: DeletePolicyRequest): DeletePolicyResponse {
  var runtime = new Util.RuntimeOptions{};
  return deletePolicyWithOptions(request, runtime);
}

model DeletePolicyVersionRequest {
  policyName?: string(name='PolicyName', description='The name of the policy.

The name must be 1 to 128 characters in length and can contain letters, digits, and hyphens (-).

This parameter is required.', example='OSS-Administrator'),
  versionId?: string(name='VersionId', description='The ID of the policy version.

You can call the [ListPolicyVersions](https://help.aliyun.com/document_detail/159982.html) operation to query the ID.

This parameter is required.', example='v3'),
}

model DeletePolicyVersionResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='9B34724D-54B0-4A51-B34D-4512372FE1BE'),
}

model DeletePolicyVersionResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DeletePolicyVersionResponseBody(name='body'),
}

/**
 * @summary 删除权限策略版本
 *
 * @description >  The default version of a permission policy cannot be deleted.
 *
 * @param request DeletePolicyVersionRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DeletePolicyVersionResponse
 */
async function deletePolicyVersionWithOptions(request: DeletePolicyVersionRequest, runtime: Util.RuntimeOptions): DeletePolicyVersionResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.policyName)) {
    query['PolicyName'] = request.policyName;
  }
  if (!Util.isUnset(request.versionId)) {
    query['VersionId'] = request.versionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DeletePolicyVersion',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary 删除权限策略版本
 *
 * @description >  The default version of a permission policy cannot be deleted.
 *
 * @param request DeletePolicyVersionRequest
 * @return DeletePolicyVersionResponse
 */
async function deletePolicyVersion(request: DeletePolicyVersionRequest): DeletePolicyVersionResponse {
  var runtime = new Util.RuntimeOptions{};
  return deletePolicyVersionWithOptions(request, runtime);
}

model DeleteResourceGroupRequest {
  resourceGroupId?: string(name='ResourceGroupId', description='The ID of the resource group.

You can call the [ListResourceGroups](https://help.aliyun.com/document_detail/158855.html) operation to obtain the ID.

This parameter is required.', example='rg-9gLOoK****'),
}

model DeleteResourceGroupResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='1C488B66-B819-4D14-8711-C4EAAA13AC01'),
  resourceGroup?: {
    accountId?: string(name='AccountId', description='The ID of the Alibaba Cloud account to which the resource group belongs.', example='123456789****'),
    createDate?: string(name='CreateDate', description='The time when the resource group was created. The time is displayed in UTC.', example='2015-01-23T12:33:18Z'),
    displayName?: string(name='DisplayName', description='The display name of the resource group.', example='my-project'),
    id?: string(name='Id', description='The ID of the resource group.', example='rg-9gLOoK****'),
    name?: string(name='Name', description='The unique identifier of the resource group.', example='my-project'),
    regionStatuses?: {
      regionStatus?: [ 
      {
        regionId?: string(name='RegionId', description='The region ID.', example='cn-qingdao'),
        status?: string(name='Status', description='The status of the resource group. Valid values:

*   Creating: The resource group is being created.
*   OK: The resource group is created.
*   PendingDelete: The resource group is waiting to be deleted.
*   Deleting: The resource group is being deleted.', example='PendingDelete'),
      }
    ](name='RegionStatus')
    }(name='RegionStatuses', description='The status of the resource group in all regions.'),
    status?: string(name='Status', description='The status of the resource group. Valid values:

*   Creating: The resource group is being created.
*   OK: The resource group is created.
*   PendingDelete: The resource group is waiting to be deleted.', example='PendingDelete'),
  }(name='ResourceGroup', description='The information of the resource group.'),
}

model DeleteResourceGroupResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DeleteResourceGroupResponseBody(name='body'),
}

/**
 * @summary Deletes a resource group.
 *
 * @description >  Before you delete a resource group, you must delete all the resources in it.
 * In this example, the resource group whose ID is `rg-9gLOoK****` is deleted.
 *
 * @param request DeleteResourceGroupRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DeleteResourceGroupResponse
 */
async function deleteResourceGroupWithOptions(request: DeleteResourceGroupRequest, runtime: Util.RuntimeOptions): DeleteResourceGroupResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.resourceGroupId)) {
    query['ResourceGroupId'] = request.resourceGroupId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DeleteResourceGroup',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Deletes a resource group.
 *
 * @description >  Before you delete a resource group, you must delete all the resources in it.
 * In this example, the resource group whose ID is `rg-9gLOoK****` is deleted.
 *
 * @param request DeleteResourceGroupRequest
 * @return DeleteResourceGroupResponse
 */
async function deleteResourceGroup(request: DeleteResourceGroupRequest): DeleteResourceGroupResponse {
  var runtime = new Util.RuntimeOptions{};
  return deleteResourceGroupWithOptions(request, runtime);
}

model DeleteRoleRequest {
  roleName?: string(name='RoleName', description='The name of the RAM role.

The name must be 1 to 64 characters in length and can contain letters, digits, periods (.), and hyphens (-).

This parameter is required.', example='ECSAdmin'),
}

model DeleteRoleResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='898FAB24-7509-43EE-A287-086FE4C44394'),
}

model DeleteRoleResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DeleteRoleResponseBody(name='body'),
}

/**
 * @summary 删除角色
 *
 * @param request DeleteRoleRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DeleteRoleResponse
 */
async function deleteRoleWithOptions(request: DeleteRoleRequest, runtime: Util.RuntimeOptions): DeleteRoleResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.roleName)) {
    query['RoleName'] = request.roleName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DeleteRole',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary 删除角色
 *
 * @param request DeleteRoleRequest
 * @return DeleteRoleResponse
 */
async function deleteRole(request: DeleteRoleRequest): DeleteRoleResponse {
  var runtime = new Util.RuntimeOptions{};
  return deleteRoleWithOptions(request, runtime);
}

model DeleteServiceLinkedRoleRequest {
  roleName?: string(name='RoleName', description='The name of the role.

This parameter is required.', example='AliyunServiceRoleForPolarDB'),
}

model DeleteServiceLinkedRoleResponseBody = {
  deletionTaskId?: string(name='DeletionTaskId', description='The ID of the deletion task.', example='task/acs-service-role/polardb.aliyuncs.com/AliyunServiceRoleForPolarDB/64c4f9cc-fac2-4692-ae1b-804ae4b9****'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='B595E5BF-FF5F-4E7F-B95A-B90FE242FEB6'),
}

model DeleteServiceLinkedRoleResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DeleteServiceLinkedRoleResponseBody(name='body'),
}

/**
 * @summary 删除服务关联角色
 *
 * @param request DeleteServiceLinkedRoleRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DeleteServiceLinkedRoleResponse
 */
async function deleteServiceLinkedRoleWithOptions(request: DeleteServiceLinkedRoleRequest, runtime: Util.RuntimeOptions): DeleteServiceLinkedRoleResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.roleName)) {
    query['RoleName'] = request.roleName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DeleteServiceLinkedRole',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary 删除服务关联角色
 *
 * @param request DeleteServiceLinkedRoleRequest
 * @return DeleteServiceLinkedRoleResponse
 */
async function deleteServiceLinkedRole(request: DeleteServiceLinkedRoleRequest): DeleteServiceLinkedRoleResponse {
  var runtime = new Util.RuntimeOptions{};
  return deleteServiceLinkedRoleWithOptions(request, runtime);
}

model DeregisterDelegatedAdministratorRequest {
  accountId?: string(name='AccountId', description='The ID of the member in the resource directory.

This parameter is required.', example='181761095690****'),
  servicePrincipal?: string(name='ServicePrincipal', description='The identifier of the trusted service.

For more information, see the `Trusted service identifier` column in [Supported trusted services](https://help.aliyun.com/document_detail/208133.html).

This parameter is required.', example='cloudfw.aliyuncs.com'),
}

model DeregisterDelegatedAdministratorResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='DF5D5C52-7BD0-40E7-94C6-23A1505038A2'),
}

model DeregisterDelegatedAdministratorResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DeregisterDelegatedAdministratorResponseBody(name='body'),
}

/**
 * @summary 注销代理管理员
 *
 * @description >  If the delegated administrator account that you want to remove has historical management tasks in the related trusted service, the trusted service may be affected after the delegated administrator account is removed. Therefore, proceed with caution.
 * This topic provides an example on how to call the API operation to remove the delegated administrator account `181761095690****` for Cloud Firewall.
 *
 * @param request DeregisterDelegatedAdministratorRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DeregisterDelegatedAdministratorResponse
 */
async function deregisterDelegatedAdministratorWithOptions(request: DeregisterDelegatedAdministratorRequest, runtime: Util.RuntimeOptions): DeregisterDelegatedAdministratorResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.accountId)) {
    query['AccountId'] = request.accountId;
  }
  if (!Util.isUnset(request.servicePrincipal)) {
    query['ServicePrincipal'] = request.servicePrincipal;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DeregisterDelegatedAdministrator',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary 注销代理管理员
 *
 * @description >  If the delegated administrator account that you want to remove has historical management tasks in the related trusted service, the trusted service may be affected after the delegated administrator account is removed. Therefore, proceed with caution.
 * This topic provides an example on how to call the API operation to remove the delegated administrator account `181761095690****` for Cloud Firewall.
 *
 * @param request DeregisterDelegatedAdministratorRequest
 * @return DeregisterDelegatedAdministratorResponse
 */
async function deregisterDelegatedAdministrator(request: DeregisterDelegatedAdministratorRequest): DeregisterDelegatedAdministratorResponse {
  var runtime = new Util.RuntimeOptions{};
  return deregisterDelegatedAdministratorWithOptions(request, runtime);
}

model DestroyResourceDirectoryResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='9B34724D-54B0-4A51-B34D-4512372FE1BE'),
}

model DestroyResourceDirectoryResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DestroyResourceDirectoryResponseBody(name='body'),
}

/**
 * @description Before you disable a resource directory, make sure that the following requirements are met:
 * *   All member accounts must be removed from the resource directory. For more information about how to remove a member account, see [RemoveCloudAccount](https://help.aliyun.com/document_detail/159431.html).
 * *   All folders except the root folder must be deleted from the resource directory. For more information about how to delete a folder, see [DeleteFolder](https://help.aliyun.com/document_detail/159432.html).
 *
 * @param request DestroyResourceDirectoryRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DestroyResourceDirectoryResponse
 */
async function destroyResourceDirectoryWithOptions(runtime: Util.RuntimeOptions): DestroyResourceDirectoryResponse {
  var req = new OpenApi.OpenApiRequest{};
  var params = new OpenApi.Params{
    action = 'DestroyResourceDirectory',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @description Before you disable a resource directory, make sure that the following requirements are met:
 * *   All member accounts must be removed from the resource directory. For more information about how to remove a member account, see [RemoveCloudAccount](https://help.aliyun.com/document_detail/159431.html).
 * *   All folders except the root folder must be deleted from the resource directory. For more information about how to delete a folder, see [DeleteFolder](https://help.aliyun.com/document_detail/159432.html).
 *
 * @return DestroyResourceDirectoryResponse
 */
async function destroyResourceDirectory(): DestroyResourceDirectoryResponse {
  var runtime = new Util.RuntimeOptions{};
  return destroyResourceDirectoryWithOptions(runtime);
}

model DetachControlPolicyRequest {
  policyId?: string(name='PolicyId', description='The ID of the access control policy.

This parameter is required.', example='cp-jExXAqIYkwHN****'),
  targetId?: string(name='TargetId', description='The ID of the object from which you want to detach the access control policy. Access control policies can be attached to the following objects:

*   Root folder
*   Subfolders of the Root folder
*   Members

This parameter is required.', example='fd-ZDNPiT****'),
}

model DetachControlPolicyResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='9EA4F962-1A2E-4AFE-BE0C-B14736FC46CC'),
}

model DetachControlPolicyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DetachControlPolicyResponseBody(name='body'),
}

/**
 * @summary 解绑管控策略
 *
 * @description After you detach an access control policy, the operations performed on resources by using members are not limited by the policy. Make sure that the detached policy meets your expectations. Otherwise, your business may be affected.
 * Both the system and custom access control policies can be detached. If an object has only one access control policy attached, the policy cannot be detached.
 * This topic provides an example on how to call the API operation to detach the custom control policy `cp-jExXAqIYkwHN****` from the folder `fd-ZDNPiT****`.
 *
 * @param request DetachControlPolicyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DetachControlPolicyResponse
 */
async function detachControlPolicyWithOptions(request: DetachControlPolicyRequest, runtime: Util.RuntimeOptions): DetachControlPolicyResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.policyId)) {
    query['PolicyId'] = request.policyId;
  }
  if (!Util.isUnset(request.targetId)) {
    query['TargetId'] = request.targetId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DetachControlPolicy',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary 解绑管控策略
 *
 * @description After you detach an access control policy, the operations performed on resources by using members are not limited by the policy. Make sure that the detached policy meets your expectations. Otherwise, your business may be affected.
 * Both the system and custom access control policies can be detached. If an object has only one access control policy attached, the policy cannot be detached.
 * This topic provides an example on how to call the API operation to detach the custom control policy `cp-jExXAqIYkwHN****` from the folder `fd-ZDNPiT****`.
 *
 * @param request DetachControlPolicyRequest
 * @return DetachControlPolicyResponse
 */
async function detachControlPolicy(request: DetachControlPolicyRequest): DetachControlPolicyResponse {
  var runtime = new Util.RuntimeOptions{};
  return detachControlPolicyWithOptions(request, runtime);
}

model DetachPolicyRequest {
  policyName?: string(name='PolicyName', description='The name of the policy.

The name must be 1 to 128 characters in length and can contain letters, digits, and hyphens (-).

This parameter is required.', example='OSS-Administrator'),
  policyType?: string(name='PolicyType', description='The type of the policy. Valid values:

*   Custom: custom policy
*   System: system policy

This parameter is required.', example='Custom'),
  principalName?: string(name='PrincipalName', description='The name of the object to which the policy is attached.

This parameter is required.', example='alice@demo.onaliyun.com'),
  principalType?: string(name='PrincipalType', description='The type of the object to which the policy is attached. Valid values:

*   IMSUser: RAM user
*   IMSGroup: RAM user group
*   ServiceRole: RAM role

This parameter is required.', example='IMSUser'),
  resourceGroupId?: string(name='ResourceGroupId', description='The ID of the resource group or the ID of the Alibaba Cloud account to which the resource group belongs.

This parameter specifies the resource group or Alibaba Cloud account for which you want to revoke permissions.

This parameter is required.', example='rg-9gLOoK****'),
}

model DetachPolicyResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='697852FB-50D7-44D9-9774-530C31EAC572'),
}

model DetachPolicyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DetachPolicyResponseBody(name='body'),
}

/**
 * @summary 为RAM身份移除权限
 *
 * @param request DetachPolicyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DetachPolicyResponse
 */
async function detachPolicyWithOptions(request: DetachPolicyRequest, runtime: Util.RuntimeOptions): DetachPolicyResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.policyName)) {
    query['PolicyName'] = request.policyName;
  }
  if (!Util.isUnset(request.policyType)) {
    query['PolicyType'] = request.policyType;
  }
  if (!Util.isUnset(request.principalName)) {
    query['PrincipalName'] = request.principalName;
  }
  if (!Util.isUnset(request.principalType)) {
    query['PrincipalType'] = request.principalType;
  }
  if (!Util.isUnset(request.resourceGroupId)) {
    query['ResourceGroupId'] = request.resourceGroupId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DetachPolicy',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary 为RAM身份移除权限
 *
 * @param request DetachPolicyRequest
 * @return DetachPolicyResponse
 */
async function detachPolicy(request: DetachPolicyRequest): DetachPolicyResponse {
  var runtime = new Util.RuntimeOptions{};
  return detachPolicyWithOptions(request, runtime);
}

model DisableAssociatedTransferResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='7CE0AE54-6F27-5522-A429-4C5EE8FD40C8'),
}

model DisableAssociatedTransferResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DisableAssociatedTransferResponseBody(name='body'),
}

/**
 * @summary Disables the Transfer Associated Resources feature.
 *
 * @param request DisableAssociatedTransferRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DisableAssociatedTransferResponse
 */
async function disableAssociatedTransferWithOptions(runtime: Util.RuntimeOptions): DisableAssociatedTransferResponse {
  var req = new OpenApi.OpenApiRequest{};
  var params = new OpenApi.Params{
    action = 'DisableAssociatedTransfer',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Disables the Transfer Associated Resources feature.
 *
 * @return DisableAssociatedTransferResponse
 */
async function disableAssociatedTransfer(): DisableAssociatedTransferResponse {
  var runtime = new Util.RuntimeOptions{};
  return disableAssociatedTransferWithOptions(runtime);
}

model DisableAutoGroupingResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='898FAB24-7509-43EE-A287-086FE4C44394'),
}

model DisableAutoGroupingResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DisableAutoGroupingResponseBody(name='body'),
}

/**
 * @summary Disables the Automatic Resource Transfer feature. After the feature is disabled, existing custom transfer rules and existing transfer rules for associated resources are deleted. However, existing relationships between resources and resource groups are not affected. If you still want to use this feature, you can enable it again 1 minute later.
 *
 * @param request DisableAutoGroupingRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DisableAutoGroupingResponse
 */
async function disableAutoGroupingWithOptions(runtime: Util.RuntimeOptions): DisableAutoGroupingResponse {
  var req = new OpenApi.OpenApiRequest{};
  var params = new OpenApi.Params{
    action = 'DisableAutoGrouping',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Disables the Automatic Resource Transfer feature. After the feature is disabled, existing custom transfer rules and existing transfer rules for associated resources are deleted. However, existing relationships between resources and resource groups are not affected. If you still want to use this feature, you can enable it again 1 minute later.
 *
 * @return DisableAutoGroupingResponse
 */
async function disableAutoGrouping(): DisableAutoGroupingResponse {
  var runtime = new Util.RuntimeOptions{};
  return disableAutoGroupingWithOptions(runtime);
}

model DisableControlPolicyResponseBody = {
  enablementStatus?: string(name='EnablementStatus', description='The status of the Control Policy feature. Valid values:

*   Enabled: The Control Policy feature is enabled.
*   PendingEnable: The Control Policy feature is being enabled.
*   Disabled: The Control Policy feature is disabled.
*   PendingDisable: The Control Policy feature is being disabled.', example='PendingDisable'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='7C709979-451D-4C92-835D-7DDCCAA562E9'),
}

model DisableControlPolicyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DisableControlPolicyResponseBody(name='body'),
}

/**
 * @summary 禁用管控策略
 *
 * @description After you disable the Control Policy feature, the system automatically detaches all control policies that are attached to folders and member accounts. The system does not delete these control policies, but you cannot attach them to folders or member accounts again.
 * >  If you disable the Control Policy feature, the permissions of all folders and member accounts in a resource directory are affected. You must proceed with caution.
 *
 * @param request DisableControlPolicyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DisableControlPolicyResponse
 */
async function disableControlPolicyWithOptions(runtime: Util.RuntimeOptions): DisableControlPolicyResponse {
  var req = new OpenApi.OpenApiRequest{};
  var params = new OpenApi.Params{
    action = 'DisableControlPolicy',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary 禁用管控策略
 *
 * @description After you disable the Control Policy feature, the system automatically detaches all control policies that are attached to folders and member accounts. The system does not delete these control policies, but you cannot attach them to folders or member accounts again.
 * >  If you disable the Control Policy feature, the permissions of all folders and member accounts in a resource directory are affected. You must proceed with caution.
 *
 * @return DisableControlPolicyResponse
 */
async function disableControlPolicy(): DisableControlPolicyResponse {
  var runtime = new Util.RuntimeOptions{};
  return disableControlPolicyWithOptions(runtime);
}

model EnableAssociatedTransferResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='2D69A58F-345C-4FDE-88E4-BF5189484114'),
}

model EnableAssociatedTransferResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: EnableAssociatedTransferResponseBody(name='body'),
}

/**
 * @summary Enables the Transfer Associated Resources feature.
 *
 * @param request EnableAssociatedTransferRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return EnableAssociatedTransferResponse
 */
async function enableAssociatedTransferWithOptions(runtime: Util.RuntimeOptions): EnableAssociatedTransferResponse {
  var req = new OpenApi.OpenApiRequest{};
  var params = new OpenApi.Params{
    action = 'EnableAssociatedTransfer',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Enables the Transfer Associated Resources feature.
 *
 * @return EnableAssociatedTransferResponse
 */
async function enableAssociatedTransfer(): EnableAssociatedTransferResponse {
  var runtime = new Util.RuntimeOptions{};
  return enableAssociatedTransferWithOptions(runtime);
}

model EnableAutoGroupingResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='DF5D5C52-7BD0-40E7-94C6-23A1505038A2'),
}

model EnableAutoGroupingResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: EnableAutoGroupingResponseBody(name='body'),
}

/**
 * @summary Enables the Automatic Resource Transfer feature. After the feature is enabled, you can create, update, delete, and query transfer rules.
 *
 * @param request EnableAutoGroupingRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return EnableAutoGroupingResponse
 */
async function enableAutoGroupingWithOptions(runtime: Util.RuntimeOptions): EnableAutoGroupingResponse {
  var req = new OpenApi.OpenApiRequest{};
  var params = new OpenApi.Params{
    action = 'EnableAutoGrouping',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Enables the Automatic Resource Transfer feature. After the feature is enabled, you can create, update, delete, and query transfer rules.
 *
 * @return EnableAutoGroupingResponse
 */
async function enableAutoGrouping(): EnableAutoGroupingResponse {
  var runtime = new Util.RuntimeOptions{};
  return enableAutoGroupingWithOptions(runtime);
}

model EnableControlPolicyResponseBody = {
  enablementStatus?: string(name='EnablementStatus', description='The status of the Control Policy feature. Valid values:

*   Enabled: The Control Policy feature is enabled.
*   PendingEnable: The Control Policy feature is being enabled.
*   Disabled: The Control Policy feature is disabled.
*   PendingDisable: The Control Policy feature is being disabled.', example='PendingEnable'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='8CE7BD95-EFFA-4911-A1E0-BD4412697FEB'),
}

model EnableControlPolicyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: EnableControlPolicyResponseBody(name='body'),
}

/**
 * @summary Enables the Control Policy feature.
 *
 * @description The Control Policy feature allows you to manage the permission boundaries of the folders or member accounts in a resource directory in a centralized manner. This feature is implemented based on the resource directory. You can use this feature to develop common or dedicated rules for access control. The Control Policy feature does not grant permissions but only defines permission boundaries. A member account in a resource directory can be used to access resources only after it is granted the required permissions by using the Resource Access Management (RAM) service. For more information, see [Overview of the Control Policy feature](https://help.aliyun.com/document_detail/178671.html).
 *
 * @param request EnableControlPolicyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return EnableControlPolicyResponse
 */
async function enableControlPolicyWithOptions(runtime: Util.RuntimeOptions): EnableControlPolicyResponse {
  var req = new OpenApi.OpenApiRequest{};
  var params = new OpenApi.Params{
    action = 'EnableControlPolicy',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Enables the Control Policy feature.
 *
 * @description The Control Policy feature allows you to manage the permission boundaries of the folders or member accounts in a resource directory in a centralized manner. This feature is implemented based on the resource directory. You can use this feature to develop common or dedicated rules for access control. The Control Policy feature does not grant permissions but only defines permission boundaries. A member account in a resource directory can be used to access resources only after it is granted the required permissions by using the Resource Access Management (RAM) service. For more information, see [Overview of the Control Policy feature](https://help.aliyun.com/document_detail/178671.html).
 *
 * @return EnableControlPolicyResponse
 */
async function enableControlPolicy(): EnableControlPolicyResponse {
  var runtime = new Util.RuntimeOptions{};
  return enableControlPolicyWithOptions(runtime);
}

model EnableResourceDirectoryRequest {
  enableMode?: string(name='EnableMode', description='The mode in which you enable a resource directory. Valid values:

*   CurrentAccount: indicates that the current account is used to enable a resource directory.
*   NewManagementAccount: indicates that a newly created account is used to enable a resource directory. If you select this mode, you must configure the `MAName`, `MASecureMobilePhone`, and `VerificationCode` parameters.

This parameter is required.', example='CurrentAccount'),
  MAName?: string(name='MAName', description='The name of the newly created account.

Specify the name in the `<Prefix>@rdadmin.aliyunid.com` format. The prefix can contain letters, digits, and special characters but cannot contain consecutive special characters. The prefix must start with a letter or digit and end with a letter or digit. Valid special characters include underscores (_), periods (.), and hyphens (-). The prefix must be 2 to 50 characters in length.', example='user01@rdadmin.aliyunid.com'),
  MASecureMobilePhone?: string(name='MASecureMobilePhone', description='The mobile phone number that is bound to the newly created account.

If you leave this parameter empty, the mobile phone number that is bound to the current account is used. The mobile phone number you specify must be the same as the mobile phone number that you specify when you call the [SendVerificationCodeForEnableRD](https://help.aliyun.com/document_detail/364248.html) operation to obtain a verification code.

Specify the mobile phone number in the `<Country code>-<Mobile phone number>` format.

>  Mobile phone numbers in the `86-<Mobile phone number>` format in the Chinese mainland are not supported.', example='xx-13900001234'),
  verificationCode?: string(name='VerificationCode', description='The verification code.

You can call the [SendVerificationCodeForEnableRD](https://help.aliyun.com/document_detail/364248.html) operation to obtain the verification code.', example='123456'),
}

model EnableResourceDirectoryResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='EC2FE94D-A4A2-51A1-A493-5C273A36C46A'),
  resourceDirectory?: {
    createTime?: string(name='CreateTime', description='The time when the resource directory was enabled.', example='2021-12-08T02:15:31.744Z'),
    masterAccountId?: string(name='MasterAccountId', description='The ID of the management account.', example='507408460615****'),
    masterAccountName?: string(name='MasterAccountName', description='The name of the management account.', example='alice@example.com'),
    resourceDirectoryId?: string(name='ResourceDirectoryId', description='The ID of the resource directory.', example='rd-54****'),
    rootFolderId?: string(name='RootFolderId', description='The ID of the Root folder.', example='r-G9****'),
  }(name='ResourceDirectory', description='The information of the resource directory.'),
}

model EnableResourceDirectoryResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: EnableResourceDirectoryResponseBody(name='body'),
}

/**
 * @summary 开启RD
 *
 * @description You can use the current account or a newly created account to enable a resource directory. For more information, see [Enable a resource directory](https://help.aliyun.com/document_detail/111215.html).
 * In this example, the current account is used to enable a resource directory.
 *
 * @param request EnableResourceDirectoryRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return EnableResourceDirectoryResponse
 */
async function enableResourceDirectoryWithOptions(request: EnableResourceDirectoryRequest, runtime: Util.RuntimeOptions): EnableResourceDirectoryResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.enableMode)) {
    query['EnableMode'] = request.enableMode;
  }
  if (!Util.isUnset(request.MAName)) {
    query['MAName'] = request.MAName;
  }
  if (!Util.isUnset(request.MASecureMobilePhone)) {
    query['MASecureMobilePhone'] = request.MASecureMobilePhone;
  }
  if (!Util.isUnset(request.verificationCode)) {
    query['VerificationCode'] = request.verificationCode;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'EnableResourceDirectory',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary 开启RD
 *
 * @description You can use the current account or a newly created account to enable a resource directory. For more information, see [Enable a resource directory](https://help.aliyun.com/document_detail/111215.html).
 * In this example, the current account is used to enable a resource directory.
 *
 * @param request EnableResourceDirectoryRequest
 * @return EnableResourceDirectoryResponse
 */
async function enableResourceDirectory(request: EnableResourceDirectoryRequest): EnableResourceDirectoryResponse {
  var runtime = new Util.RuntimeOptions{};
  return enableResourceDirectoryWithOptions(request, runtime);
}

model GetAccountRequest {
  accountId?: string(name='AccountId', description='The Alibaba Cloud account ID of the member.

This parameter is required.', example='181761095690****'),
  includeTags?: boolean(name='IncludeTags', description='Specifies whether to return the information of tags. Valid values:

*   false (default value)
*   true', example='true'),
}

model GetAccountResponseBody = {
  account?: {
    accountId?: string(name='AccountId', description='The Alibaba Cloud account ID of the member.', example='181761095690****'),
    accountName?: string(name='AccountName', description='The Alibaba Cloud account name of the member.', example='someone@example.com'),
    displayName?: string(name='DisplayName', description='The display name of the member.', example='admin'),
    emailStatus?: string(name='EmailStatus', description='The status of the modification for the email address bound to the member. Valid values:

*   WAIT_MODIFY: in progress
*   CANCELLED: canceled
*   EXPIRED: expired

If the value of this parameter is empty, no modification is performed for the email address.', example='WAIT_MODIFY'),
    folderId?: string(name='FolderId', description='The ID of the folder.', example='fd-bVaRIG****'),
    identityInformation?: string(name='IdentityInformation', description='The real-name verification information.', example='aliyun-admin'),
    joinMethod?: string(name='JoinMethod', description='The way in which the member joins the resource directory. Valid values:

*   invited: The member is invited to join the resource directory.
*   created: The member is directly created in the resource directory.', example='created'),
    joinTime?: string(name='JoinTime', description='The time when the member joined the resource directory.', example='2015-01-23T12:33:18Z'),
    location?: string(name='Location', description='The location of the member in the resource directory.'),
    modifyTime?: string(name='ModifyTime', description='The time when the member was modified.', example='2015-01-23T12:33:18Z'),
    resourceDirectoryId?: string(name='ResourceDirectoryId', description='The ID of the resource directory.', example='rd-k3****'),
    resourceDirectoryPath?: string(name='ResourceDirectoryPath', description='The path of the member in the resource directory.'),
    status?: string(name='Status', description='The status of the member. Valid values:

*   CreateSuccess: The member is created.
*   PromoteVerifying: The upgrade of the member is being confirmed.
*   PromoteFailed: The upgrade of the member fails.
*   PromoteExpired: The upgrade of the member expires.
*   PromoteCancelled: The upgrade of the member is canceled.
*   PromoteSuccess: The member is upgraded.
*   InviteSuccess: The member accepts the invitation.', example='CreateSuccess'),
    tags?: [ 
      {
        key?: string(name='Key', description='A tag key.', example='tag_key'),
        value?: string(name='Value', description='A tag value.', example='tag_value'),
      }
    ](name='Tags', description='The tags that are added to the member.'),
    type?: string(name='Type', description='The type of the member. Valid values:

*   CloudAccount: cloud account
*   ResourceAccount: resource account', example='ResourceAccount'),
  }(name='Account', description='The information of the member.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='9B34724D-54B0-4A51-B34D-4512372FE1BE'),
}

model GetAccountResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: GetAccountResponseBody(name='body'),
}

/**
 * @description This topic provides an example on how to call the API operation to query the information of the member whose Alibaba Cloud account ID is `181761095690****`.
 *
 * @param request GetAccountRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return GetAccountResponse
 */
async function getAccountWithOptions(request: GetAccountRequest, runtime: Util.RuntimeOptions): GetAccountResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.accountId)) {
    query['AccountId'] = request.accountId;
  }
  if (!Util.isUnset(request.includeTags)) {
    query['IncludeTags'] = request.includeTags;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'GetAccount',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @description This topic provides an example on how to call the API operation to query the information of the member whose Alibaba Cloud account ID is `181761095690****`.
 *
 * @param request GetAccountRequest
 * @return GetAccountResponse
 */
async function getAccount(request: GetAccountRequest): GetAccountResponse {
  var runtime = new Util.RuntimeOptions{};
  return getAccountWithOptions(request, runtime);
}

model GetAccountDeletionCheckResultRequest {
  accountId?: string(name='AccountId', description='The ID of the member that you want to delete.

This parameter is required.', example='179855839641****'),
}

model GetAccountDeletionCheckResultResponseBody = {
  accountDeletionCheckResultInfo?: {
    abandonableChecks?: [ 
      {
        checkId?: string(name='CheckId', description='The ID of the check item.', example='NON_SP_cs'),
        checkName?: string(name='CheckName', description='The name of the cloud service to which the check item belongs.', example='Container Service for Kubernetes'),
        description?: string(name='Description', description='The description of the check item.', example='An instance of a cloud service is running within the member. Submit a ticket to contact Alibaba Cloud technical support.'),
      }
    ](name='AbandonableChecks', description='The check items that you can choose to ignore for the member deletion.

>  This parameter may be returned if the value of AllowDelete is true.'),
    allowDelete?: string(name='AllowDelete', description='Indicates whether the member can be deleted. Valid values:

*   true: The member can be deleted.
*   false: The member cannot be deleted.', example='false'),
    notAllowReason?: [ 
      {
        checkId?: string(name='CheckId', description='The ID of the check item.', example='NON_SP_efc'),
        checkName?: string(name='CheckName', description='The name of the cloud service to which the check item belongs.', example='Enterprise finance'),
        description?: string(name='Description', description='The description of the check item.', example='This account is an Enterprise Finance associated account. Please remove the financial association of this account before deleting it.'),
      }
    ](name='NotAllowReason', description='The reasons why the member cannot be deleted.

>  This parameter is returned only if the value of AllowDelete is false.'),
    status?: string(name='Status', description='The status of the check. Valid values:

*   PreCheckComplete: The check is complete.
*   PreChecking: The check is in progress.', example='PreCheckComplete'),
  }(name='AccountDeletionCheckResultInfo', description='The result of the deletion check for the member.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='54AC391D-4F7F-5F08-B8D3-0AECDE6EC5BD'),
}

model GetAccountDeletionCheckResultResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: GetAccountDeletionCheckResultResponseBody(name='body'),
}

/**
 * @summary Queries the result of a member deletion check.
 *
 * @description After you call the [CheckAccountDelete](https://help.aliyun.com/document_detail/448542.html) operation to perform a member deletion check, you can call the GetAccountDeletionCheckResult operation to query the check result. If the check result shows that the member meets deletion requirements, you can delete the member. Otherwise, you need to first modify the items that do not meet requirements.
 * This topic provides an example on how to call the API operation to query the result of the deletion check for the member whose ID is `179855839641****`. The response shows that the member does not meet deletion requirements.
 *
 * @param request GetAccountDeletionCheckResultRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return GetAccountDeletionCheckResultResponse
 */
async function getAccountDeletionCheckResultWithOptions(request: GetAccountDeletionCheckResultRequest, runtime: Util.RuntimeOptions): GetAccountDeletionCheckResultResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.accountId)) {
    query['AccountId'] = request.accountId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'GetAccountDeletionCheckResult',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries the result of a member deletion check.
 *
 * @description After you call the [CheckAccountDelete](https://help.aliyun.com/document_detail/448542.html) operation to perform a member deletion check, you can call the GetAccountDeletionCheckResult operation to query the check result. If the check result shows that the member meets deletion requirements, you can delete the member. Otherwise, you need to first modify the items that do not meet requirements.
 * This topic provides an example on how to call the API operation to query the result of the deletion check for the member whose ID is `179855839641****`. The response shows that the member does not meet deletion requirements.
 *
 * @param request GetAccountDeletionCheckResultRequest
 * @return GetAccountDeletionCheckResultResponse
 */
async function getAccountDeletionCheckResult(request: GetAccountDeletionCheckResultRequest): GetAccountDeletionCheckResultResponse {
  var runtime = new Util.RuntimeOptions{};
  return getAccountDeletionCheckResultWithOptions(request, runtime);
}

model GetAccountDeletionStatusRequest {
  accountId?: string(name='AccountId', description='The Alibaba Cloud account ID of the member.

This parameter is required.', example='169946124551****'),
}

model GetAccountDeletionStatusResponseBody = {
  rdAccountDeletionStatus?: {
    accountId?: string(name='AccountId', description='The Alibaba Cloud account ID of the member.', example='169946124551****'),
    createTime?: string(name='CreateTime', description='The start time of the deletion.', example='2022-08-23T17:05:30+08:00'),
    deletionTime?: string(name='DeletionTime', description='The end time of the deletion.

This parameter is required.', example='2022-08-23T17:06:01+08:00'),
    deletionType?: string(name='DeletionType', description='The type of the deletion. Valid values:

*   0: direct deletion. If the member does not have pay-as-you-go resources that are purchased within the previous 30 days, the system directly deletes the member.
*   1: deletion with a silence period. If the member has pay-as-you-go resources that are purchased within the previous 30 days, the member enters a silence period. The system starts to delete the member until the silence period ends. For more information about the silence period, see [What is the silence period for member deletion?](https://help.aliyun.com/document_detail/446079.html)', example='0'),
    failReasonList?: [ 
      {
        description?: string(name='Description', description='The description of the check item.', example='This account has a payer account. Please release the financial relationship of this account first.'),
        name?: string(name='Name', description='The name of the cloud service to which the check item belongs.', example='Others'),
      }
    ](name='FailReasonList', description='The reasons why the member fails to be deleted.'),
    status?: string(name='Status', description='The status. Valid values:

*   Success: The member is deleted.
*   Checking: A deletion check is being performed for the member.
*   Deleting: The member is being deleted.
*   CheckFailed: The deletion check for the member fails.
*   DeleteFailed: The member fails to be deleted.', example='Success'),
  }(name='RdAccountDeletionStatus', description='The deletion status of the member.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='8AA43293-7C8F-5730-8F2D-7F864EC092C5'),
}

model GetAccountDeletionStatusResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: GetAccountDeletionStatusResponseBody(name='body'),
}

/**
 * @summary 获取账号删除状态
 *
 * @description This topic provides an example on how to call the API operation to query the deletion status of the member whose Alibaba Cloud account ID is `169946124551****`. The response shows that the member is deleted.
 *
 * @param request GetAccountDeletionStatusRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return GetAccountDeletionStatusResponse
 */
async function getAccountDeletionStatusWithOptions(request: GetAccountDeletionStatusRequest, runtime: Util.RuntimeOptions): GetAccountDeletionStatusResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.accountId)) {
    query['AccountId'] = request.accountId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'GetAccountDeletionStatus',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary 获取账号删除状态
 *
 * @description This topic provides an example on how to call the API operation to query the deletion status of the member whose Alibaba Cloud account ID is `169946124551****`. The response shows that the member is deleted.
 *
 * @param request GetAccountDeletionStatusRequest
 * @return GetAccountDeletionStatusResponse
 */
async function getAccountDeletionStatus(request: GetAccountDeletionStatusRequest): GetAccountDeletionStatusResponse {
  var runtime = new Util.RuntimeOptions{};
  return getAccountDeletionStatusWithOptions(request, runtime);
}

model GetAutoGroupingRuleRequest {
  ruleId?: string(name='RuleId', description='The ID of the rule.

This parameter is required.', example='gr-acfo******hy6a'),
}

model GetAutoGroupingRuleResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='9EA4F962-1A2E-4AFE-BE0C-B14736FC46CC'),
  rule?: {
    createTime?: string(name='CreateTime', description='The time when the rule was created.', example='2025-01-01T10:00:00+08:00'),
    excludeRegionIdsScope?: string(name='ExcludeRegionIdsScope', description='The IDs of excluded regions. Multiple IDs are separated by commas (,).', example='cn-hangzhou,cn-shanghai'),
    excludeResourceGroupIdsScope?: string(name='ExcludeResourceGroupIdsScope', description='The IDs of excluded resource groups. Multiple IDs are separated by commas (,).', example='rg-aekz******4b5ea,rg-aek2******fxykq'),
    excludeResourceIdsScope?: string(name='ExcludeResourceIdsScope', description='The IDs of excluded resources. Multiple IDs are separated by commas (,).', example='i-2zee******ym49kfmwis,vpc-5ts6******fnw493g849a'),
    excludeResourceTypesScope?: string(name='ExcludeResourceTypesScope', description='The excluded resource types. Multiple resource types are separated by commas (,).', example='ecs.instance,vpc.vpc'),
    modifyTime?: string(name='ModifyTime', description='The time when the rule was modified.', example='2025-01-01T10:00:00+08:00'),
    regionIdsScope?: string(name='RegionIdsScope', description='The IDs of regions. Multiple IDs are separated by commas (,).', example='cn-hangzhou,cn-shanghai'),
    resourceGroupIdsScope?: string(name='ResourceGroupIdsScope', description='The IDs of resource groups. Multiple IDs are separated by commas (,).', example='rg-aekz******4b5ea,rg-aek2******fxykq'),
    resourceIdsScope?: string(name='ResourceIdsScope', description='The IDs of resources. Multiple IDs are separated by commas (,).', example='i-2zee******ym49kfmwis,vpc-5ts6******fnw493g849a'),
    resourceTypesScope?: string(name='ResourceTypesScope', description='The resource types. Multiple resource types are separated by commas (,).', example='ecs.instance,vpc.vpc'),
    ruleContents?: [ 
      {
        autoGroupingScopeCondition?: string(name='AutoGroupingScopeCondition', description='The condition for the range of resources that are automatically transferred.', example='{"children":[{"desired":"{\\\\"env\\\\":\\\\"online\\\\", \\\\"project\\\\":\\\\"A\\\\"}","featurePath":"$.tags","featureSource":"RESOURCE","operator":"TagMatchAll"}],"operator":"and"}'),
        ruleContentId?: string(name='RuleContentId', description='The ID of the content record.', example='grc-acfo******fwybpq'),
        targetResourceGroupCondition?: string(name='TargetResourceGroupCondition', description='The condition for the destination resource group.', example='{"children":[{"desired":"rg-aek2********qcy","featurePath":"$.resourceGroupId","featureSource":"RESOURCE","operator":"StringEquals"}],"operator":"and"}'),
      }
    ](name='RuleContents', description='The content records of the rule.'),
    ruleDesc?: string(name='RuleDesc', description='The description of the rule.', example='Transfer resources to which the {"env": "online"} and {"project": "A"} tags are added to the resource group rg-aek2********qcy.'),
    ruleId?: string(name='RuleId', description='The ID of the rule.', example='gr-acfo******hy6a'),
    ruleName?: string(name='RuleName', description='The name of the rule.', example='Custom Transfer Rule for Online Resources of Project A'),
    ruleType?: string(name='RuleType', description='The type of the rule. Valid values:

*   custom_condition: custom transfer rule
*   associated_transfer: transfer rule for associated resources', example='associated_transfer'),
  }(name='Rule', description='The information about the rule.'),
}

model GetAutoGroupingRuleResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: GetAutoGroupingRuleResponseBody(name='body'),
}

/**
 * @summary Queries the information about a transfer rule.
 *
 * @param request GetAutoGroupingRuleRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return GetAutoGroupingRuleResponse
 */
async function getAutoGroupingRuleWithOptions(request: GetAutoGroupingRuleRequest, runtime: Util.RuntimeOptions): GetAutoGroupingRuleResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.ruleId)) {
    query['RuleId'] = request.ruleId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'GetAutoGroupingRule',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries the information about a transfer rule.
 *
 * @param request GetAutoGroupingRuleRequest
 * @return GetAutoGroupingRuleResponse
 */
async function getAutoGroupingRule(request: GetAutoGroupingRuleRequest): GetAutoGroupingRuleResponse {
  var runtime = new Util.RuntimeOptions{};
  return getAutoGroupingRuleWithOptions(request, runtime);
}

model GetAutoGroupingStatusResponseBody = {
  enableExistedResourcesTransfer?: boolean(name='EnableExistedResourcesTransfer', description='Indicates whether the Transfer Existing Associated Resources feature is enabled. Valid values:

*   true
*   false', example='true'),
  enableStatus?: string(name='EnableStatus', description='The status of the Automatic Resource Transfer feature. Valid values:

*   Enabling: The feature is being enabled.
*   Enable: The feature is enabled.
*   Partial_Enable: The transfer of associated resources is enabled, but custom transfer rule-based resource transfer is disabled. You can call the [EnableAutoGrouping](https://help.aliyun.com/document_detail/2870380.html) operation to enable custom transfer rule-based resource transfer.
*   Disable: The feature is disabled.', example='Enable'),
  requestId?: string(name='RequestId', description='The request ID.', example='0217AFEB-5318-56D4-B167-1933D83EDF3F'),
}

model GetAutoGroupingStatusResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: GetAutoGroupingStatusResponseBody(name='body'),
}

/**
 * @summary Queries the status of the Automatic Resource Transfer feature.
 *
 * @param request GetAutoGroupingStatusRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return GetAutoGroupingStatusResponse
 */
async function getAutoGroupingStatusWithOptions(runtime: Util.RuntimeOptions): GetAutoGroupingStatusResponse {
  var req = new OpenApi.OpenApiRequest{};
  var params = new OpenApi.Params{
    action = 'GetAutoGroupingStatus',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries the status of the Automatic Resource Transfer feature.
 *
 * @return GetAutoGroupingStatusResponse
 */
async function getAutoGroupingStatus(): GetAutoGroupingStatusResponse {
  var runtime = new Util.RuntimeOptions{};
  return getAutoGroupingStatusWithOptions(runtime);
}

model GetControlPolicyRequest {
  language?: string(name='Language', description='The language in which you want to return the description of the access control policy. Valid values:

*   zh-CN (default value): Chinese
*   en: English
*   ja: Japanese

>  This parameter is valid only for system access control policies.', example='zh-CN'),
  policyId?: string(name='PolicyId', description='The ID of the access control policy.

This parameter is required.', example='cp-SImPt8GCEwiq****'),
}

model GetControlPolicyResponseBody = {
  controlPolicy?: {
    attachmentCount?: string(name='AttachmentCount', description='The number of times that the access control policy is referenced.', example='0'),
    createDate?: string(name='CreateDate', description='The time when the access control policy was created.', example='2021-03-18T08:51:33Z'),
    description?: string(name='Description', description='The description of the access control policy.', example='ExampleControlPolicy'),
    effectScope?: string(name='EffectScope', description='The effective scope of the access control policy. Valid values:

*   All: The access control policy is in effect for Alibaba Cloud accounts, RAM users, and RAM roles.
*   RAM: The access control policy is in effect only for RAM users and RAM roles.', example='RAM'),
    policyDocument?: string(name='PolicyDocument', description='The document of the access control policy.', example='{\\\\"Version\\\\":\\\\"1\\\\",\\\\"Statement\\\\":[{\\\\"Effect\\\\":\\\\"Deny\\\\",\\\\"Action\\\\":[\\\\"ram:UpdateRole\\\\",\\\\"ram:DeleteRole\\\\",\\\\"ram:AttachPolicyToRole\\\\",\\\\"ram:DetachPolicyFromRole\\\\"],\\\\"Resource\\\\":\\\\"acs:ram:*:*:role/ResourceDirectoryAccountAccessRole\\\\"}]}'),
    policyId?: string(name='PolicyId', description='The ID of the access control policy.', example='cp-SImPt8GCEwiq****'),
    policyName?: string(name='PolicyName', description='The name of the access control policy.', example='test'),
    policyType?: string(name='PolicyType', description='The type of the access control policy. Valid values:

*   System: system access control policy
*   Custom: custom access control policy', example='Custom'),
    updateDate?: string(name='UpdateDate', description='The time when the access control policy was updated.', example='2021-03-18T08:51:33Z'),
  }(name='ControlPolicy', description='The details of the access control policy.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='AB769936-CDFA-4D52-8CE2-A3581800044A'),
}

model GetControlPolicyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: GetControlPolicyResponseBody(name='body'),
}

/**
 * @description This topic provides an example on how to call the API operation to query the details of the access control policy whose ID is `cp-SImPt8GCEwiq****`.
 *
 * @param request GetControlPolicyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return GetControlPolicyResponse
 */
async function getControlPolicyWithOptions(request: GetControlPolicyRequest, runtime: Util.RuntimeOptions): GetControlPolicyResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.language)) {
    query['Language'] = request.language;
  }
  if (!Util.isUnset(request.policyId)) {
    query['PolicyId'] = request.policyId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'GetControlPolicy',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @description This topic provides an example on how to call the API operation to query the details of the access control policy whose ID is `cp-SImPt8GCEwiq****`.
 *
 * @param request GetControlPolicyRequest
 * @return GetControlPolicyResponse
 */
async function getControlPolicy(request: GetControlPolicyRequest): GetControlPolicyResponse {
  var runtime = new Util.RuntimeOptions{};
  return getControlPolicyWithOptions(request, runtime);
}

model GetControlPolicyEnablementStatusResponseBody = {
  enablementStatus?: string(name='EnablementStatus', description='The status of the Control Policy feature. Valid values:

*   Enabled: The Control Policy feature is enabled.
*   PendingEnable: The Control Policy feature is being enabled.
*   Disabled: The Control Policy feature is disabled.
*   PendingDisable: The Control Policy feature is being disabled.', example='Disabled'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='1DC39A4E-3B52-4EFE-9F93-4897D7FFA0C4'),
}

model GetControlPolicyEnablementStatusResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: GetControlPolicyEnablementStatusResponseBody(name='body'),
}

/**
 * @summary Queries the status of the Control Policy feature.
 *
 * @param request GetControlPolicyEnablementStatusRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return GetControlPolicyEnablementStatusResponse
 */
async function getControlPolicyEnablementStatusWithOptions(runtime: Util.RuntimeOptions): GetControlPolicyEnablementStatusResponse {
  var req = new OpenApi.OpenApiRequest{};
  var params = new OpenApi.Params{
    action = 'GetControlPolicyEnablementStatus',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries the status of the Control Policy feature.
 *
 * @return GetControlPolicyEnablementStatusResponse
 */
async function getControlPolicyEnablementStatus(): GetControlPolicyEnablementStatusResponse {
  var runtime = new Util.RuntimeOptions{};
  return getControlPolicyEnablementStatusWithOptions(runtime);
}

model GetFolderRequest {
  folderId?: string(name='FolderId', description='The ID of the folder.

This parameter is required.', example='fd-Jyl5U7****'),
}

model GetFolderResponseBody = {
  folder?: {
    createTime?: string(name='CreateTime', description='The time when the folder was created.', example='2021-06-15T06:39:08.521Z'),
    folderId?: string(name='FolderId', description='The ID of the folder.', example='fd-Jyl5U7****'),
    folderName?: string(name='FolderName', description='The name of the folder.', example='Applications'),
    parentFolderId?: string(name='ParentFolderId', description='The ID of the parent folder.', example='r-Wm****'),
    resourceDirectoryPath?: string(name='ResourceDirectoryPath', description='The path of the folder in the resource directory.'),
  }(name='Folder', description='The information of the folder.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='C2CBCA30-C8DD-423E-B4AD-4FB694C9180C'),
}

model GetFolderResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: GetFolderResponseBody(name='body'),
}

/**
 * @description In this example, the information of the folder `fd-Jyl5U7****` is queried.
 *
 * @param request GetFolderRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return GetFolderResponse
 */
async function getFolderWithOptions(request: GetFolderRequest, runtime: Util.RuntimeOptions): GetFolderResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.folderId)) {
    query['FolderId'] = request.folderId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'GetFolder',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @description In this example, the information of the folder `fd-Jyl5U7****` is queried.
 *
 * @param request GetFolderRequest
 * @return GetFolderResponse
 */
async function getFolder(request: GetFolderRequest): GetFolderResponse {
  var runtime = new Util.RuntimeOptions{};
  return getFolderWithOptions(request, runtime);
}

model GetHandshakeRequest {
  handshakeId?: string(name='HandshakeId', description='The ID of the invitation.

This parameter is required.', example='h-ycm4rp****'),
}

model GetHandshakeResponseBody = {
  handshake?: {
    createTime?: string(name='CreateTime', description='The time when the invitation was created. The time is displayed in UTC.', example='2018-08-10T09:55:41Z'),
    expireTime?: string(name='ExpireTime', description='The time when the invitation expires. The time is displayed in UTC.', example='2018-08-24T09:55:41Z'),
    handshakeId?: string(name='HandshakeId', description='The ID of the invitation.', example='h-ycm4rp****'),
    invitedAccountRealName?: string(name='InvitedAccountRealName', description='The real-name verification information of the invitee.

>  This parameter is available only when an invitee calls this operation.', example='Alice'),
    masterAccountId?: string(name='MasterAccountId', description='The ID of the management account of the resource directory.', example='172841235500****'),
    masterAccountName?: string(name='MasterAccountName', description='The name of the management account of the resource directory.', example='company@example.com'),
    masterAccountRealName?: string(name='MasterAccountRealName', description='The real-name verification information of the management account of the resource directory.

>  This parameter is available only when an invitee calls this operation.', example='company'),
    modifyTime?: string(name='ModifyTime', description='The time when the invitation was modified. The time is displayed in UTC.', example='2018-08-10T09:55:41Z'),
    note?: string(name='Note', description='The comment on the invitation.', example='Welcome'),
    resourceDirectoryId?: string(name='ResourceDirectoryId', description='The ID of the resource directory.', example='rd-abcdef****'),
    status?: string(name='Status', description='The status of the invitation. Valid values:

*   Pending: The invitation is waiting for confirmation.
*   Accepted: The invitation is accepted.
*   Cancelled: The invitation is canceled.
*   Declined: The invitation is rejected.
*   Expired: The invitation expires.', example='Pending'),
    targetEntity?: string(name='TargetEntity', description='The ID or logon email address of the invited account.', example='someone@example.com'),
    targetType?: string(name='TargetType', description='The type of the invited account. Valid values:

*   Account: indicates the ID of the account.
*   Email: indicates the logon email address of the account.', example='Email'),
  }(name='Handshake', description='The information of the invitation.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='9B34724D-54B0-4A51-B34D-4512372FE1BE'),
}

model GetHandshakeResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: GetHandshakeResponseBody(name='body'),
}

/**
 * @summary Queries the information of an invitation.
 *
 * @description In this example, the information of the invitation whose ID is `h-ycm4rp****` is queried.
 *
 * @param request GetHandshakeRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return GetHandshakeResponse
 */
async function getHandshakeWithOptions(request: GetHandshakeRequest, runtime: Util.RuntimeOptions): GetHandshakeResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.handshakeId)) {
    query['HandshakeId'] = request.handshakeId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'GetHandshake',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries the information of an invitation.
 *
 * @description In this example, the information of the invitation whose ID is `h-ycm4rp****` is queried.
 *
 * @param request GetHandshakeRequest
 * @return GetHandshakeResponse
 */
async function getHandshake(request: GetHandshakeRequest): GetHandshakeResponse {
  var runtime = new Util.RuntimeOptions{};
  return getHandshakeWithOptions(request, runtime);
}

model GetPayerForAccountRequest {
  accountId?: string(name='AccountId', description='The ID of the account.

This parameter is required.', example='12323344****'),
}

model GetPayerForAccountResponseBody = {
  payerAccountId?: string(name='PayerAccountId', description='The ID of the settlement account.', example='172841235500****'),
  payerAccountName?: string(name='PayerAccountName', description='The name of the settlement account.', example='Alice'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='9B34724D-54B0-4A51-B34D-4512372FE1BE'),
}

model GetPayerForAccountResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: GetPayerForAccountResponseBody(name='body'),
}

/**
 * @param request GetPayerForAccountRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return GetPayerForAccountResponse
 */
async function getPayerForAccountWithOptions(request: GetPayerForAccountRequest, runtime: Util.RuntimeOptions): GetPayerForAccountResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.accountId)) {
    query['AccountId'] = request.accountId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'GetPayerForAccount',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @param request GetPayerForAccountRequest
 * @return GetPayerForAccountResponse
 */
async function getPayerForAccount(request: GetPayerForAccountRequest): GetPayerForAccountResponse {
  var runtime = new Util.RuntimeOptions{};
  return getPayerForAccountWithOptions(request, runtime);
}

model GetPolicyRequest {
  language?: string(name='Language', description='The language that is used to return the description of the system policy. Valid values:

*   en: English
*   zh-CN: Chinese
*   ja: Japanese', example='zh-CN'),
  policyName?: string(name='PolicyName', description='The name of the policy.

The name must be 1 to 128 characters in length and can contain letters, digits, and hyphens (-).

This parameter is required.', example='OSS-Administrator'),
  policyType?: string(name='PolicyType', description='The type of the policy. Valid values:

*   Custom: custom policy
*   System: system policy

This parameter is required.', example='Custom'),
}

model GetPolicyResponseBody = {
  policy?: {
    attachmentCount?: int32(name='AttachmentCount', description='The number of times the policy is referenced.', example='0'),
    createDate?: string(name='CreateDate', description='The time when the policy was created.', example='2015-01-23T12:33:18Z'),
    defaultVersion?: string(name='DefaultVersion', description='The default version of the policy.', example='v1'),
    description?: string(name='Description', description='The description of the policy.', example='OSS administrator'),
    policyDocument?: string(name='PolicyDocument', description='The document of the policy.', example='{ "Statement": [{ "Action": ["oss:*"], "Effect": "Allow", "Resource": ["acs:oss:*:*:*"]}], "Version": "1"}'),
    policyName?: string(name='PolicyName', description='The name of the policy.', example='OSS-Administrator'),
    policyType?: string(name='PolicyType', description='The type of the policy. Valid values:

*   Custom: custom policy
*   System: system policy', example='Custom'),
    updateDate?: string(name='UpdateDate', description='The time when the policy was updated.', example='2016-01-23T12:33:18Z'),
  }(name='Policy', description='The information of the policy.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='697852FB-50D7-44D9-9774-530C31EAC572'),
}

model GetPolicyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: GetPolicyResponseBody(name='body'),
}

/**
 * @summary Queries the information of a policy.
 *
 * @param request GetPolicyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return GetPolicyResponse
 */
async function getPolicyWithOptions(request: GetPolicyRequest, runtime: Util.RuntimeOptions): GetPolicyResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.language)) {
    query['Language'] = request.language;
  }
  if (!Util.isUnset(request.policyName)) {
    query['PolicyName'] = request.policyName;
  }
  if (!Util.isUnset(request.policyType)) {
    query['PolicyType'] = request.policyType;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'GetPolicy',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries the information of a policy.
 *
 * @param request GetPolicyRequest
 * @return GetPolicyResponse
 */
async function getPolicy(request: GetPolicyRequest): GetPolicyResponse {
  var runtime = new Util.RuntimeOptions{};
  return getPolicyWithOptions(request, runtime);
}

model GetPolicyVersionRequest {
  policyName?: string(name='PolicyName', description='The name of the policy.

The name must be 1 to 128 characters in length and can contain letters, digits, and hyphens (-).

This parameter is required.', example='OSS-Administrator'),
  policyType?: string(name='PolicyType', description='The type of the policy. Valid values:

*   Custom: custom policy
*   System: system policy

This parameter is required.', example='Custom'),
  versionId?: string(name='VersionId', description='The ID of the policy version.

This parameter is required.', example='v3'),
}

model GetPolicyVersionResponseBody = {
  policyVersion?: {
    createDate?: string(name='CreateDate', description='The time when the policy version was created.', example='2015-01-23T12:33:18Z'),
    isDefaultVersion?: boolean(name='IsDefaultVersion', description='Indicates whether the policy version is the default version.', example='false'),
    policyDocument?: string(name='PolicyDocument', description='The document of the policy.', example='{ \\\\"Statement\\\\": [{ \\\\"Action\\\\": [\\\\"oss:*\\\\"], \\\\"Effect\\\\": \\\\"Allow\\\\", \\\\"Resource\\\\": [\\\\"acs:oss:*:*:*\\\\"]}], \\\\"Version\\\\": \\\\"1\\\\"}'),
    versionId?: string(name='VersionId', description='The ID of the policy version.', example='v3'),
  }(name='PolicyVersion', description='The information of the policy version.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='9B34724D-54B0-4A51-B34D-4512372FE1BE'),
}

model GetPolicyVersionResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: GetPolicyVersionResponseBody(name='body'),
}

/**
 * @summary 获取权限策略的指定版本
 *
 * @param request GetPolicyVersionRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return GetPolicyVersionResponse
 */
async function getPolicyVersionWithOptions(request: GetPolicyVersionRequest, runtime: Util.RuntimeOptions): GetPolicyVersionResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.policyName)) {
    query['PolicyName'] = request.policyName;
  }
  if (!Util.isUnset(request.policyType)) {
    query['PolicyType'] = request.policyType;
  }
  if (!Util.isUnset(request.versionId)) {
    query['VersionId'] = request.versionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'GetPolicyVersion',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary 获取权限策略的指定版本
 *
 * @param request GetPolicyVersionRequest
 * @return GetPolicyVersionResponse
 */
async function getPolicyVersion(request: GetPolicyVersionRequest): GetPolicyVersionResponse {
  var runtime = new Util.RuntimeOptions{};
  return getPolicyVersionWithOptions(request, runtime);
}

model GetResourceDirectoryResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='CD76D376-2517-4924-92C5-DBC52262F93A'),
  resourceDirectory?: {
    controlPolicyStatus?: string(name='ControlPolicyStatus', description='The status of the Control Policy feature. Valid values:

*   Enabled: The feature is enabled.
*   PendingEnable: The feature is being enabled.
*   Disabled: The feature is disabled.
*   PendingDisable: The feature is being disabled.', example='Enabled'),
    createTime?: string(name='CreateTime', description='The time when the resource directory was enabled.', example='2019-02-18T15:32:10.473Z'),
    identityInformation?: string(name='IdentityInformation', description='The real-name verification information.', example='\\\\*\\\\*\\\\* Co., Ltd.'),
    masterAccountId?: string(name='MasterAccountId', description='The ID of the management account.', example='172845045600****'),
    masterAccountName?: string(name='MasterAccountName', description='The name of the management account.', example='aliyun-admin'),
    memberDeletionStatus?: string(name='MemberDeletionStatus', description='The status of the member deletion feature. Valid values:

*   Enabled: The feature is enabled. You can call the [DeleteAccount](https://help.aliyun.com/document_detail/311546.html) operation to delete members of the resource account type.
*   Disabled: The feature is disabled. You cannot delete members of the resource account type.', example='Enabled'),
    resourceDirectoryId?: string(name='ResourceDirectoryId', description='The ID of the resource directory.', example='rd-St****'),
    rootFolderId?: string(name='RootFolderId', description='The ID of the Root folder.', example='r-Zo****'),
  }(name='ResourceDirectory', description='The information of the resource directory.'),
}

model GetResourceDirectoryResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: GetResourceDirectoryResponseBody(name='body'),
}

/**
 * @summary Queries the information of a resource directory. If you use a management account to call this API operation, the system returns the information of the resource directory that is enabled by using the management account. If you use a member to call this operation, the system returns the information of
 *
 * @description This topic provides an example on how to use a management account to call the API operation to query the information of the resource directory that is enabled by using the management account.
 *
 * @param request GetResourceDirectoryRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return GetResourceDirectoryResponse
 */
async function getResourceDirectoryWithOptions(runtime: Util.RuntimeOptions): GetResourceDirectoryResponse {
  var req = new OpenApi.OpenApiRequest{};
  var params = new OpenApi.Params{
    action = 'GetResourceDirectory',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries the information of a resource directory. If you use a management account to call this API operation, the system returns the information of the resource directory that is enabled by using the management account. If you use a member to call this operation, the system returns the information of
 *
 * @description This topic provides an example on how to use a management account to call the API operation to query the information of the resource directory that is enabled by using the management account.
 *
 * @return GetResourceDirectoryResponse
 */
async function getResourceDirectory(): GetResourceDirectoryResponse {
  var runtime = new Util.RuntimeOptions{};
  return getResourceDirectoryWithOptions(runtime);
}

model GetResourceGroupRequest {
  includeTags?: boolean(name='IncludeTags', description='The ID of the request.', example='true'),
  resourceGroupId?: string(name='ResourceGroupId', description='Specifies whether to return the information of tags. Valid values:

*   false (default value)
*   true

This parameter is required.', example='rg-9gLOoK****'),
}

model GetResourceGroupResponseBody = {
  requestId?: string(name='RequestId', description='The information of the resource group.', example='2D69A58F-345C-4FDE-88E4-BF5189484043'),
  resourceGroup?: {
    accountId?: string(name='AccountId', description='The identifier of the resource group.', example='123456789****'),
    createDate?: string(name='CreateDate', description='The ID of the resource group.', example='2015-01-23T12:33:18Z'),
    displayName?: string(name='DisplayName', description='The status of the resource group. Valid values:

*   Creating: The resource group is being created.
*   OK: The resource group is created.
*   PendingDelete: The resource group is waiting to be deleted.', example='my-project'),
    id?: string(name='Id', description='The tags that are added to the resource group.', example='rg-9gLOoK****'),
    name?: string(name='Name', description='The time when the resource group was created. The time is displayed in UTC.', example='my-project'),
    regionStatuses?: {
      regionStatus?: [ 
      {
        regionId?: string(name='RegionId', description='The ID of the Alibaba Cloud account to which the resource group belongs.', example='cn-qingdao'),
        status?: string(name='Status', description='The region ID.', example='OK'),
      }
    ](name='RegionStatus')
    }(name='RegionStatuses', description='The status of the resource group. Valid values:

*   Creating: The resource group is being created.
*   OK: The resource group is created.
*   PendingDelete: The resource group is waiting to be deleted.
*   Deleting: The resource group is being deleted.'),
    status?: string(name='Status', description='The status of the resource group in all regions.', example='OK'),
    tags?: {
      tag?: [ 
      {
        tagKey?: string(name='TagKey', description='The tag value.', example='k1'),
        tagValue?: string(name='TagValue', example='v1'),
      }
    ](name='Tag')
    }(name='Tags', description='The tag key.'),
  }(name='ResourceGroup', description='The display name of the resource group.'),
}

model GetResourceGroupResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: GetResourceGroupResponseBody(name='body'),
}

/**
 * @summary In this example, the information of the resource group whose ID is `rg-9gLOoK****` is queried.
 *
 * @description For more information about common request parameters, see [Common parameters](https://help.aliyun.com/document_detail/159973.html).
 *
 * @param request GetResourceGroupRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return GetResourceGroupResponse
 */
async function getResourceGroupWithOptions(request: GetResourceGroupRequest, runtime: Util.RuntimeOptions): GetResourceGroupResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.includeTags)) {
    query['IncludeTags'] = request.includeTags;
  }
  if (!Util.isUnset(request.resourceGroupId)) {
    query['ResourceGroupId'] = request.resourceGroupId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'GetResourceGroup',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary In this example, the information of the resource group whose ID is `rg-9gLOoK****` is queried.
 *
 * @description For more information about common request parameters, see [Common parameters](https://help.aliyun.com/document_detail/159973.html).
 *
 * @param request GetResourceGroupRequest
 * @return GetResourceGroupResponse
 */
async function getResourceGroup(request: GetResourceGroupRequest): GetResourceGroupResponse {
  var runtime = new Util.RuntimeOptions{};
  return getResourceGroupWithOptions(request, runtime);
}

model GetRoleRequest {
  language?: string(name='Language', description='The language that is used to return the description of the RAM role. Valid values:

*   en: English
*   zh-CN: Chinese
*   ja: Japanese', example='zh-CN'),
  roleName?: string(name='RoleName', description='The name of the RAM role.

The name must be 1 to 64 characters in length and can contain letters, digits, periods (.), and hyphens (-).

This parameter is required.', example='ECSAdmin'),
}

model GetRoleResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='04F0F334-1335-436C-A1D7-6C044FE73368'),
  role?: {
    arn?: string(name='Arn', description='The Alibaba Cloud Resource Name (ARN) of the RAM role.', example='acs:ram::123456789012****:role/ECSAdmin'),
    assumeRolePolicyDocument?: string(name='AssumeRolePolicyDocument', description='The document of the policy that specifies the trusted entity to assume the RAM role.', example='{ \\\\"Statement\\\\": [ { \\\\"Action\\\\": \\\\"sts:AssumeRole\\\\", \\\\"Effect\\\\": \\\\"Allow\\\\", \\\\"Principal\\\\": { \\\\"RAM\\\\": \\\\"acs:ram::12345678901234****:root\\\\" } } ], \\\\"Version\\\\": \\\\"1\\\\" }'),
    createDate?: string(name='CreateDate', description='The time when the RAM role was created.', example='2015-01-23T12:33:18Z'),
    description?: string(name='Description', description='The description of the RAM role.', example='ECS administrator'),
    isServiceLinkedRole?: boolean(name='IsServiceLinkedRole', description='Indicates whether the RAM role is a service linked role.', example='true'),
    latestDeletionTask?: {
      createDate?: string(name='CreateDate', description='The time when the deletion task was created.', example='2018-10-23T12:33:18Z'),
      deletionTaskId?: string(name='DeletionTaskId', description='The ID of the deletion task.', example='ECSAdmin/cc61514b-26eb-4453-ab53-b142eb702a3d'),
    }(name='LatestDeletionTask', description='The information of the most recent deletion task.'),
    maxSessionDuration?: long(name='MaxSessionDuration', description='The maximum session duration of the RAM role.', example='3600'),
    roleId?: string(name='RoleId', description='The ID of the RAM role.', example='90123456789****'),
    roleName?: string(name='RoleName', description='The name of the RAM role.', example='ECSAdmin'),
    rolePrincipalName?: string(name='RolePrincipalName', description='The name of the RAM role after authorization.', example='ECSAdmin@role.123456.onaliyunservice.com'),
    updateDate?: string(name='UpdateDate', description='The time when the RAM role was updated.', example='2016-01-23T12:33:18Z'),
  }(name='Role', description='The information of the RAM role.'),
}

model GetRoleResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: GetRoleResponseBody(name='body'),
}

/**
 * @summary Queries the information of a RAM role.
 *
 * @param request GetRoleRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return GetRoleResponse
 */
async function getRoleWithOptions(request: GetRoleRequest, runtime: Util.RuntimeOptions): GetRoleResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.language)) {
    query['Language'] = request.language;
  }
  if (!Util.isUnset(request.roleName)) {
    query['RoleName'] = request.roleName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'GetRole',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries the information of a RAM role.
 *
 * @param request GetRoleRequest
 * @return GetRoleResponse
 */
async function getRole(request: GetRoleRequest): GetRoleResponse {
  var runtime = new Util.RuntimeOptions{};
  return getRoleWithOptions(request, runtime);
}

model GetServiceLinkedRoleDeletionStatusRequest {
  deletionTaskId?: string(name='DeletionTaskId', description='The ID of the deletion task.', example='task/acs-service-role/hdr.aliyuncs.com/AliyunServiceRoleForHdr/c4d22c52-247f-4ee1-83a2-6c0460bd****'),
}

model GetServiceLinkedRoleDeletionStatusResponseBody = {
  reason?: {
    message?: string(name='Message', description='Failure information.', example='Service-Linked Role acs:ram::196813227629****:role/aliyunserviceroleforhdr cannot be deleted as it is in use by hdr.aliyuncs.com.'),
    roleUsages?: {
      roleUsage?: [ 
      {
        region?: string(name='Region', description='The IDs of the regions in which the resources are to be queried.', example='global'),
        resources?: {
          resource?: [ string ](name='Resource')
        }(name='Resources', description='The returned resources.'),
      }
    ](name='RoleUsage')
    }(name='RoleUsages', description='Use resource information of the service linked role.'),
  }(name='Reason', description='The reason why the deletion task failed.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='07194EB1-DB50-4513-A51D-99B30D635AEF'),
  status?: string(name='Status', description='The status of the task.

- SUCCEEDED
- IN_PROGRESS
- FAILED
- NOT_STARTED
- INTERNAL_ERROR', example='FAILED'),
}

model GetServiceLinkedRoleDeletionStatusResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: GetServiceLinkedRoleDeletionStatusResponseBody(name='body'),
}

/**
 * @summary Query the status of the deletion task for a service linked role.
 *
 * @param request GetServiceLinkedRoleDeletionStatusRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return GetServiceLinkedRoleDeletionStatusResponse
 */
async function getServiceLinkedRoleDeletionStatusWithOptions(request: GetServiceLinkedRoleDeletionStatusRequest, runtime: Util.RuntimeOptions): GetServiceLinkedRoleDeletionStatusResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.deletionTaskId)) {
    query['DeletionTaskId'] = request.deletionTaskId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'GetServiceLinkedRoleDeletionStatus',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Query the status of the deletion task for a service linked role.
 *
 * @param request GetServiceLinkedRoleDeletionStatusRequest
 * @return GetServiceLinkedRoleDeletionStatusResponse
 */
async function getServiceLinkedRoleDeletionStatus(request: GetServiceLinkedRoleDeletionStatusRequest): GetServiceLinkedRoleDeletionStatusResponse {
  var runtime = new Util.RuntimeOptions{};
  return getServiceLinkedRoleDeletionStatusWithOptions(request, runtime);
}

model InitResourceDirectoryResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='CD76D376-2517-4924-92C5-DBC52262F93A'),
  resourceDirectory?: {
    createTime?: string(name='CreateTime', description='The time when the resource directory was enabled.', example='2019-02-18T15:32:10.473Z'),
    masterAccountId?: string(name='MasterAccountId', description='The ID of the enterprise management account.', example='172841235500****'),
    masterAccountName?: string(name='MasterAccountName', description='The name of the enterprise management account.', example='aliyun-****'),
    resourceDirectoryId?: string(name='ResourceDirectoryId', description='The ID of the resource directory.', example='rd-Ss****'),
    rootFolderId?: string(name='RootFolderId', description='The ID of the root folder.', example='r-Zo****'),
  }(name='ResourceDirectory', description='The information of the resource directory.'),
}

model InitResourceDirectoryResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: InitResourceDirectoryResponseBody(name='body'),
}

/**
 * @summary Enables a resource directory. After you enable a resource directory, the system automatically creates a root folder and sets the current account as the enterprise management account of the resource directory. The enterprise management account has all administrative permissions on this resource direc
 *
 * @description > 
 * *   An account can be used to enable a resource directory only after it passes enterprise real-name verification. An account that only passed individual real-name verification cannot be used to enable a resource directory.
 * *   We recommend that you only use the enterprise management account as the administrator of the resource directory. Do not use the enterprise management account to purchase cloud resources.
 *
 * @param request InitResourceDirectoryRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return InitResourceDirectoryResponse
 */
async function initResourceDirectoryWithOptions(runtime: Util.RuntimeOptions): InitResourceDirectoryResponse {
  var req = new OpenApi.OpenApiRequest{};
  var params = new OpenApi.Params{
    action = 'InitResourceDirectory',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Enables a resource directory. After you enable a resource directory, the system automatically creates a root folder and sets the current account as the enterprise management account of the resource directory. The enterprise management account has all administrative permissions on this resource direc
 *
 * @description > 
 * *   An account can be used to enable a resource directory only after it passes enterprise real-name verification. An account that only passed individual real-name verification cannot be used to enable a resource directory.
 * *   We recommend that you only use the enterprise management account as the administrator of the resource directory. Do not use the enterprise management account to purchase cloud resources.
 *
 * @return InitResourceDirectoryResponse
 */
async function initResourceDirectory(): InitResourceDirectoryResponse {
  var runtime = new Util.RuntimeOptions{};
  return initResourceDirectoryWithOptions(runtime);
}

model InviteAccountToResourceDirectoryRequest {
  note?: string(name='Note', description='The comment on the invitation.

The comment can be up to 1,024 characters in length.', example='Welcome'),
  tag?: [ 
    {
      key?: string(name='Key', description='A tag key.', example='k1'),
      value?: string(name='Value', description='A tag value.', example='v1'),
    }
  ](name='Tag', description='The tag key and value.'),
  targetEntity?: string(name='TargetEntity', description='The ID or logon email address of the account that you want to invite.

This parameter is required.', example='someone@example.com'),
  targetType?: string(name='TargetType', description='The type of the account. Valid values:

*   Account: indicates the ID of the account.
*   Email: indicates the logon email address of the account.

This parameter is required.', example='Email'),
}

model InviteAccountToResourceDirectoryResponseBody = {
  handshake?: {
    createTime?: string(name='CreateTime', description='The time when the invitation was created. The time is displayed in UTC.', example='2018-08-10T09:55:41Z'),
    expireTime?: string(name='ExpireTime', description='The time when the invitation expires. The time is displayed in UTC.', example='2018-08-24T09:55:41Z'),
    handshakeId?: string(name='HandshakeId', description='The ID of the invitation.', example='h-ycm4rp****'),
    masterAccountId?: string(name='MasterAccountId', description='The ID of the management account of the resource directory.', example='172841235500****'),
    masterAccountName?: string(name='MasterAccountName', description='The name of the management account of the resource directory.', example='Alice'),
    modifyTime?: string(name='ModifyTime', description='The time when the invitation was modified. The time is displayed in UTC.', example='2018-08-10T09:55:41Z'),
    note?: string(name='Note', description='The comment on the invitation.', example='Welcome'),
    resourceDirectoryId?: string(name='ResourceDirectoryId', description='The ID of the resource directory.', example='rd-abcdef****'),
    status?: string(name='Status', description='The status of the invitation.

*   Pending: The invitation is waiting for confirmation.
*   Accepted: The invitation is accepted.
*   Cancelled: The invitation is canceled.
*   Declined: The invitation is rejected.
*   Expired: The invitation expires.', example='Pending'),
    targetEntity?: string(name='TargetEntity', description='The ID or logon email address of the invited account.', example='someone@example.com'),
    targetType?: string(name='TargetType', description='The type of the invited account. Valid values:

*   Account: indicates the ID of the account.
*   Email: indicates the logon email address of the account.', example='Email'),
  }(name='Handshake', description='The information of the invitation.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='9B34724D-54B0-4A51-B34D-4512372FE1BE'),
}

model InviteAccountToResourceDirectoryResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: InviteAccountToResourceDirectoryResponseBody(name='body'),
}

/**
 * @summary Invites an account to join a resource directory.
 *
 * @description This topic provides an example on how to call the API operation to invite the account `someone@example.com` to join a resource directory.
 *
 * @param request InviteAccountToResourceDirectoryRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return InviteAccountToResourceDirectoryResponse
 */
async function inviteAccountToResourceDirectoryWithOptions(request: InviteAccountToResourceDirectoryRequest, runtime: Util.RuntimeOptions): InviteAccountToResourceDirectoryResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.note)) {
    query['Note'] = request.note;
  }
  if (!Util.isUnset(request.tag)) {
    query['Tag'] = request.tag;
  }
  if (!Util.isUnset(request.targetEntity)) {
    query['TargetEntity'] = request.targetEntity;
  }
  if (!Util.isUnset(request.targetType)) {
    query['TargetType'] = request.targetType;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'InviteAccountToResourceDirectory',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Invites an account to join a resource directory.
 *
 * @description This topic provides an example on how to call the API operation to invite the account `someone@example.com` to join a resource directory.
 *
 * @param request InviteAccountToResourceDirectoryRequest
 * @return InviteAccountToResourceDirectoryResponse
 */
async function inviteAccountToResourceDirectory(request: InviteAccountToResourceDirectoryRequest): InviteAccountToResourceDirectoryResponse {
  var runtime = new Util.RuntimeOptions{};
  return inviteAccountToResourceDirectoryWithOptions(request, runtime);
}

model ListAccountsRequest {
  includeTags?: boolean(name='IncludeTags', description='Specifies whether to return the information of tags. Valid values:

*   false (default value)
*   true', example='true'),
  pageNumber?: int32(name='PageNumber', description='The number of the page to return.

Pages start from page 1. Default value: 1.', example='1'),
  pageSize?: int32(name='PageSize', description='The number of entries to return on each page.

Valid values: 1 to 100. Default value: 10.', example='10'),
  tag?: [ 
    {
      key?: string(name='Key', description='A tag key.', example='tag_key'),
      value?: string(name='Value', description='A tag value.', example='tag_value'),
    }
  ](name='Tag', description='The tag key and value.'),
}

model ListAccountsResponseBody = {
  accounts?: {
    account?: [ 
    {
      accountId?: string(name='AccountId', description='The Alibaba Cloud account ID of the member.', example='181761095690****'),
      displayName?: string(name='DisplayName', description='The display name of the member.', example='test'),
      folderId?: string(name='FolderId', description='The ID of the folder.', example='fd-QRzuim****'),
      joinMethod?: string(name='JoinMethod', description='The way in which the member joins the resource directory. Valid values:

*   invited: The member is invited to join the resource directory.
*   created: The member is directly created in the resource directory.', example='created'),
      joinTime?: string(name='JoinTime', description='The time when the member joined the resource directory. The time is displayed in UTC.', example='2021-01-18T08:01:50.522Z'),
      modifyTime?: string(name='ModifyTime', description='The time when the member was modified. The time is displayed in UTC.', example='2021-01-18T08:04:37.668Z'),
      resourceDirectoryId?: string(name='ResourceDirectoryId', description='The ID of the resource directory.', example='rd-3G****'),
      resourceDirectoryPath?: string(name='ResourceDirectoryPath', description='The path of the member in the resource directory.'),
      status?: string(name='Status', description='The status of the member. Valid values:

*   CreateSuccess: The member is created.
*   PromoteVerifying: The upgrade of the member is being confirmed.
*   PromoteFailed: The upgrade of the member fails.
*   PromoteExpired: The upgrade of the member expires.
*   PromoteCancelled: The upgrade of the member is canceled.
*   PromoteSuccess: The member is upgraded.
*   InviteSuccess: The member accepts the invitation.', example='CreateSuccess'),
      tags?: {
        tag?: [ 
        {
          key?: string(name='Key', description='A tag key.', example='tag_key'),
          value?: string(name='Value', description='A tag value.', example='tag_value'),
        }
      ](name='Tag')
      }(name='Tags', description='The tags that are added to the member.'),
      type?: string(name='Type', description='The type of the member. Valid values:

*   CloudAccount: cloud account
*   ResourceAccount: resource account', example='ResourceAccount'),
    }
  ](name='Account')
  }(name='Accounts', description='The members returned.'),
  pageNumber?: int32(name='PageNumber', description='The page number of the returned page.', example='1'),
  pageSize?: int32(name='PageSize', description='The number of entries returned per page.', example='5'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='7B8A4E7D-6CFF-471D-84DF-195A7A241ECB'),
  totalCount?: int32(name='TotalCount', description='The total number of entries returned.', example='2'),
}

model ListAccountsResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListAccountsResponseBody(name='body'),
}

/**
 * @summary Queries all the members in a resource directory.
 *
 * @description You can use only the management account of a resource directory or a delegated administrator account of a trusted service to call this operation.
 *
 * @param request ListAccountsRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListAccountsResponse
 */
async function listAccountsWithOptions(request: ListAccountsRequest, runtime: Util.RuntimeOptions): ListAccountsResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.includeTags)) {
    query['IncludeTags'] = request.includeTags;
  }
  if (!Util.isUnset(request.pageNumber)) {
    query['PageNumber'] = request.pageNumber;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.tag)) {
    query['Tag'] = request.tag;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListAccounts',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries all the members in a resource directory.
 *
 * @description You can use only the management account of a resource directory or a delegated administrator account of a trusted service to call this operation.
 *
 * @param request ListAccountsRequest
 * @return ListAccountsResponse
 */
async function listAccounts(request: ListAccountsRequest): ListAccountsResponse {
  var runtime = new Util.RuntimeOptions{};
  return listAccountsWithOptions(request, runtime);
}

model ListAccountsForParentRequest {
  includeTags?: boolean(name='IncludeTags', description='Specifies whether to return the information of tags. Valid values:

false (default value)

true', example='true'),
  pageNumber?: int32(name='PageNumber', description='The number of the page to return.

Pages start from page 1. Default value: 1.', example='1'),
  pageSize?: int32(name='PageSize', description='The number of entries to return on each page.

Valid values: 1 to 100. Default value: 10.', example='10'),
  parentFolderId?: string(name='ParentFolderId', description='The ID of the folder.', example='fd-bVaRIG****'),
  queryKeyword?: string(name='QueryKeyword', description='The keyword used for the query, such as the display name of a member.

Fuzzy match is supported.', example='admin'),
  tag?: [ 
    {
      key?: string(name='Key', description='A tag key.', example='tag_key'),
      value?: string(name='Value', description='A tag value.', example='tag_value'),
    }
  ](name='Tag', description='The tag key and value.'),
}

model ListAccountsForParentResponseBody = {
  accounts?: {
    account?: [ 
    {
      accountId?: string(name='AccountId', description='The Alibaba Cloud account ID of the member.', example='184311716100****'),
      displayName?: string(name='DisplayName', description='The display name of the member.', example='admin'),
      folderId?: string(name='FolderId', description='The ID of the folder.', example='fd-bVaRIG****'),
      joinMethod?: string(name='JoinMethod', description='The way in which the member joins the resource directory.

*   invited: The member is invited to join the resource directory.
*   created: The member is directly created in the resource directory.', example='created'),
      joinTime?: string(name='JoinTime', description='The time when the member joined the resource directory. The time is displayed in UTC.', example='2015-01-23T12:33:18Z'),
      modifyTime?: string(name='ModifyTime', description='The time when the member was modified. The time is displayed in UTC.', example='2015-01-23T12:33:18Z'),
      resourceDirectoryId?: string(name='ResourceDirectoryId', description='The ID of the resource directory.', example='rd-k4****'),
      status?: string(name='Status', description='The status of the member. Valid values:

*   CreateSuccess: The member is created.
*   PromoteVerifying: The upgrade of the member is being confirmed.
*   PromoteFailed: The upgrade of the member fails.
*   PromoteExpired: The upgrade of the member expires.
*   PromoteCancelled: The upgrade of the member is canceled.
*   PromoteSuccess: The member is upgraded.
*   InviteSuccess: The member accepts the invitation.', example='CreateSuccess'),
      tags?: {
        tag?: [ 
        {
          key?: string(name='Key', description='A tag key.', example='tag_key'),
          value?: string(name='Value', description='A tag value.', example='tag_value'),
        }
      ](name='Tag')
      }(name='Tags', description='The tags that are added to the member.'),
      type?: string(name='Type', description='The type of the member.

*   CloudAccount: cloud account
*   ResourceAccount: resource account', example='ResourceAccount'),
    }
  ](name='Account')
  }(name='Accounts', description='The information of the members.'),
  pageNumber?: int32(name='PageNumber', description='The page number of the returned page.', example='1'),
  pageSize?: int32(name='PageSize', description='The number of entries returned per page.', example='5'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='7B8A4E7D-6CFF-471D-84DF-195A7A241ECB'),
  totalCount?: int32(name='TotalCount', description='The total number of entries returned.', example='2'),
}

model ListAccountsForParentResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListAccountsForParentResponseBody(name='body'),
}

/**
 * @summary Queries the information of members in a folder.
 *
 * @param request ListAccountsForParentRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListAccountsForParentResponse
 */
async function listAccountsForParentWithOptions(request: ListAccountsForParentRequest, runtime: Util.RuntimeOptions): ListAccountsForParentResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.includeTags)) {
    query['IncludeTags'] = request.includeTags;
  }
  if (!Util.isUnset(request.pageNumber)) {
    query['PageNumber'] = request.pageNumber;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.parentFolderId)) {
    query['ParentFolderId'] = request.parentFolderId;
  }
  if (!Util.isUnset(request.queryKeyword)) {
    query['QueryKeyword'] = request.queryKeyword;
  }
  if (!Util.isUnset(request.tag)) {
    query['Tag'] = request.tag;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListAccountsForParent',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries the information of members in a folder.
 *
 * @param request ListAccountsForParentRequest
 * @return ListAccountsForParentResponse
 */
async function listAccountsForParent(request: ListAccountsForParentRequest): ListAccountsForParentResponse {
  var runtime = new Util.RuntimeOptions{};
  return listAccountsForParentWithOptions(request, runtime);
}

model ListAncestorsRequest {
  childId?: string(name='ChildId', description='The ID of the child folder.

This parameter is required.', example='fd-i1c9nr****'),
}

model ListAncestorsResponseBody = {
  folders?: {
    folder?: [ 
    {
      createTime?: string(name='CreateTime', description='The time when the folder was created.', example='2019-01-18T10:03:35.217Z'),
      folderId?: string(name='FolderId', description='The ID of the folder.', example='r-b1****'),
      folderName?: string(name='FolderName', description='The name of the folder.', example='root'),
    }
  ](name='Folder')
  }(name='Folders', description='The information of the folders.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='83AFBEB6-DC03-406E-9686-867461FF6698'),
}

model ListAncestorsResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListAncestorsResponseBody(name='body'),
}

/**
 * @param request ListAncestorsRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListAncestorsResponse
 */
async function listAncestorsWithOptions(request: ListAncestorsRequest, runtime: Util.RuntimeOptions): ListAncestorsResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.childId)) {
    query['ChildId'] = request.childId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListAncestors',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @param request ListAncestorsRequest
 * @return ListAncestorsResponse
 */
async function listAncestors(request: ListAncestorsRequest): ListAncestorsResponse {
  var runtime = new Util.RuntimeOptions{};
  return listAncestorsWithOptions(request, runtime);
}

model ListAssociatedTransferSettingResponseBody = {
  associatedTransferSetting?: {
    accountId?: string(name='AccountId', description='The ID of the Alibaba Cloud account.', example='121998723923****'),
    enableExistingResourcesTransfer?: string(name='EnableExistingResourcesTransfer', description='Indicates whether the Transfer Existing Associated Resources feature is enabled. Valid values:

*   false
*   true', example='true'),
    ruleSettings?: [ 
      {
        associatedResourceType?: string(name='AssociatedResourceType', description='The type of the associated resource.', example='disk'),
        associatedService?: string(name='AssociatedService', description='The service code of the associated resource.', example='ecs'),
        masterResourceType?: string(name='MasterResourceType', description='The type of the primary resource.', example='instance'),
        masterService?: string(name='MasterService', description='The service code of the primary resource.', example='ecs'),
        status?: string(name='Status', description='The status of the Transfer Associated Resources feature. Valid values:

*   Enable: enabled
*   Disable: disabled', example='Enable'),
      }
    ](name='RuleSettings', description='The settings of transfer rules.'),
    status?: string(name='Status', description='The status of the Transfer Associated Resources feature. Valid values:

*   Enable: enabled
*   Disable: disabled', example='Enable'),
  }(name='AssociatedTransferSetting', description='The settings of the Transfer Associated Resources feature.'),
  requestId?: string(name='RequestId', description='The request ID.', example='7556FD65-45D2-5C45-9FC9-A7DE831C775C'),
}

model ListAssociatedTransferSettingResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListAssociatedTransferSettingResponseBody(name='body'),
}

/**
 * @summary Queries the settings of the Transfer Associated Resources feature.
 *
 * @param request ListAssociatedTransferSettingRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListAssociatedTransferSettingResponse
 */
async function listAssociatedTransferSettingWithOptions(runtime: Util.RuntimeOptions): ListAssociatedTransferSettingResponse {
  var req = new OpenApi.OpenApiRequest{};
  var params = new OpenApi.Params{
    action = 'ListAssociatedTransferSetting',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries the settings of the Transfer Associated Resources feature.
 *
 * @return ListAssociatedTransferSettingResponse
 */
async function listAssociatedTransferSetting(): ListAssociatedTransferSettingResponse {
  var runtime = new Util.RuntimeOptions{};
  return listAssociatedTransferSettingWithOptions(runtime);
}

model ListAutoGroupingRulesRequest {
  maxResults?: int32(name='MaxResults', description='The maximum number of entries to return for a single request. Valid values: 1 to 50.', example='10'),
  nextToken?: string(name='NextToken', description='The pagination token that is used in the next request to retrieve a new page of results. You do not need to specify this parameter for the first request. You must specify the token that is obtained from the previous query as the value of NextToken.', example='TGlzdFJlc291cm****'),
  ruleId?: string(name='RuleId', description='The ID of the rule.', example='gr-acfo******hy6a'),
  ruleName?: string(name='RuleName', description='The name of the rule.', example='Custom Transfer Rule for Online Resources of Project A'),
  ruleType?: string(name='RuleType', description='The type of the rule. Valid values:

*   custom_condition: custom transfer rule
*   associated_transfer: transfer rule for associated resources', example='custom_condition'),
}

model ListAutoGroupingRulesResponseBody = {
  maxResults?: int32(name='MaxResults', description='The maximum number of entries returned for a single request. Valid values: 1 to 50.', example='10'),
  nextToken?: string(name='NextToken', description='A pagination token. It can be used in the next request to retrieve a new page of results.', example='TGlzdFJlc291cm****'),
  requestId?: string(name='RequestId', description='The request ID.', example='9B34724D-54B0-4A51-B34D-4512372FE1BE'),
  rules?: [ 
    {
      createTime?: string(name='CreateTime', description='The time when the rule was created.', example='2025-01-01T10:00:00+08:00'),
      excludeRegionIdsScope?: string(name='ExcludeRegionIdsScope', description='The IDs of excluded regions. Multiple IDs are separated by commas (,).', example='cn-hangzhou,cn-shanghai'),
      excludeResourceGroupIdsScope?: string(name='ExcludeResourceGroupIdsScope', description='The IDs of excluded resource groups. Multiple IDs are separated by commas (,).', example='rg-aekz****ql4b5ea,rg-aek2****akfxykq'),
      excludeResourceIdsScope?: string(name='ExcludeResourceIdsScope', description='The IDs of excluded resources. Multiple IDs are separated by commas (,).', example='i-2zee******ym49kfmwis,vpc-5ts6******fnw493g849a'),
      excludeResourceTypesScope?: string(name='ExcludeResourceTypesScope', description='The excluded resource types. Multiple resource types are separated by commas (,).', example='ecs.instance,vpc.vpc'),
      modifyTime?: string(name='ModifyTime', description='The time when the rule was updated.', example='2025-01-01T10:00:00+08:00'),
      regionIdsScope?: string(name='RegionIdsScope', description='The IDs of regions. Multiple IDs are separated by commas (,).', example='cn-hangzhou,cn-shanghai'),
      resourceGroupIdsScope?: string(name='ResourceGroupIdsScope', description='The IDs of resource groups. Multiple IDs are separated by commas (,).', example='rg-aekz****ql4b5ea,rg-aek2****akfxykq'),
      resourceIdsScope?: string(name='ResourceIdsScope', description='The IDs of resources. Multiple IDs are separated by commas (,).', example='i-2zee******ym49kfmwis,vpc-5ts6******fnw493g849a'),
      resourceTypesScope?: string(name='ResourceTypesScope', description='The resource types. Multiple resource types are separated by commas (,).', example='ecs.instance,vpc.vpc'),
      ruleContents?: [ 
        {
          autoGroupingScopeCondition?: string(name='AutoGroupingScopeCondition', description='The condition for the range of resources that are automatically transferred.', example='{"children":[{"desired":"{\\\\"env\\\\":\\\\"online\\\\", \\\\"project\\\\":\\\\"A\\\\"}","featurePath":"$.tags","featureSource":"RESOURCE","operator":"TagMatchAll"}],"operator":"and"}'),
          ruleContentId?: string(name='RuleContentId', description='The ID of the content record.', example='grc-acfo******fwybpq'),
          targetResourceGroupCondition?: string(name='TargetResourceGroupCondition', description='The condition for the destination resource group.', example='{"children":[{"desired":"rg-aek2********qcy","featurePath":"$.resourceGroupId","featureSource":"RESOURCE","operator":"StringEquals"}],"operator":"and"}'),
        }
      ](name='RuleContents', description='The content records of the rule.'),
      ruleDesc?: string(name='RuleDesc', description='The description of the rule.', example='Transfer resources to which the {"env": "online"} and {"project": "A"} tags are added to the resource group rg-aek2********qcy.'),
      ruleId?: string(name='RuleId', description='The ID of the rule.', example='gr-acfo******hy6a'),
      ruleName?: string(name='RuleName', description='The name of the rule.', example='Custom Transfer Rule for Online Resources of Project A'),
      ruleType?: string(name='RuleType', description='The type of the rule. Valid values:

*   custom_condition: custom transfer rule
*   associated_transfer: transfer rule for associated resources', example='custom_condition'),
    }
  ](name='Rules', description='The queried rules.'),
}

model ListAutoGroupingRulesResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListAutoGroupingRulesResponseBody(name='body'),
}

/**
 * @summary Queries a list of transfer rules.
 *
 * @param request ListAutoGroupingRulesRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListAutoGroupingRulesResponse
 */
async function listAutoGroupingRulesWithOptions(request: ListAutoGroupingRulesRequest, runtime: Util.RuntimeOptions): ListAutoGroupingRulesResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.maxResults)) {
    query['MaxResults'] = request.maxResults;
  }
  if (!Util.isUnset(request.nextToken)) {
    query['NextToken'] = request.nextToken;
  }
  if (!Util.isUnset(request.ruleId)) {
    query['RuleId'] = request.ruleId;
  }
  if (!Util.isUnset(request.ruleName)) {
    query['RuleName'] = request.ruleName;
  }
  if (!Util.isUnset(request.ruleType)) {
    query['RuleType'] = request.ruleType;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListAutoGroupingRules',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries a list of transfer rules.
 *
 * @param request ListAutoGroupingRulesRequest
 * @return ListAutoGroupingRulesResponse
 */
async function listAutoGroupingRules(request: ListAutoGroupingRulesRequest): ListAutoGroupingRulesResponse {
  var runtime = new Util.RuntimeOptions{};
  return listAutoGroupingRulesWithOptions(request, runtime);
}

model ListControlPoliciesRequest {
  language?: string(name='Language', description='The language in which you want to return the descriptions of the access control policies. Valid values:

- zh-CN (default value): Chinese
- en: English
- ja: Japanese

>  This parameter is valid only for system access control policies.', example='zh-CN'),
  pageNumber?: int32(name='PageNumber', description='The number of the page to return. 

Page start from page 1. Default value: 1.', example='1'),
  pageSize?: int32(name='PageSize', description='The number of entries to return on each page. 

Valid values: 1 to 100. Default value: 10.', example='10'),
  policyType?: string(name='PolicyType', description='The type of the access control policy. Valid values:

- System: system access control policy
- Custom: custom access control policy', example='System'),
}

model ListControlPoliciesResponseBody = {
  controlPolicies?: {
    controlPolicy?: [ 
    {
      attachmentCount?: string(name='AttachmentCount', description='The number of times that the access control policy is referenced.', example='44'),
      createDate?: string(name='CreateDate', description='The time when the access control policy was created.', example='2020-08-05T06:32:24Z'),
      description?: string(name='Description', description='The description of the access control policy.', example='System access control policy available for all operations on the cloud'),
      effectScope?: string(name='EffectScope', description='The effective scope of the access control policy. Valid values:

- All: The access control policy is in effect for Alibaba Cloud accounts, RAM users, and RAM roles.
- RAM: The access control policy is in effect only for RAM users and RAM roles.', example='All'),
      policyId?: string(name='PolicyId', description='The ID of the access control policy.', example='cp-FullAliyunAccess'),
      policyName?: string(name='PolicyName', description='The name of the access control policy.', example='FullAliyunAccess'),
      policyType?: string(name='PolicyType', description='The type of the access control policy. Valid values:

- System: system access control policy
- Custom: custom access control policy', example='System'),
      updateDate?: string(name='UpdateDate', description='The time when the access control policy was updated.', example='2020-08-05T06:32:24Z'),
    }
  ](name='ControlPolicy')
  }(name='ControlPolicies', description='The access control policies.'),
  pageNumber?: int32(name='PageNumber', description='The number of the returned page.', example='1'),
  pageSize?: int32(name='PageSize', description='The number of entries returned per page.', example='10'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='9424A34C-3471-45AD-B6AB-924BBDFE42F9'),
  totalCount?: int32(name='TotalCount', description='The number of access control policies.', example='1'),
}

model ListControlPoliciesResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListControlPoliciesResponseBody(name='body'),
}

/**
 * @summary Queries access control policies.
 *
 * @description This topic provides an example on how to call the API operation to query the system access control policies within a resource directory. The response shows that the resource directory has only one system access control policy. The policy is named `FullAliyunAccess`.
 *
 * @param request ListControlPoliciesRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListControlPoliciesResponse
 */
async function listControlPoliciesWithOptions(request: ListControlPoliciesRequest, runtime: Util.RuntimeOptions): ListControlPoliciesResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.language)) {
    query['Language'] = request.language;
  }
  if (!Util.isUnset(request.pageNumber)) {
    query['PageNumber'] = request.pageNumber;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.policyType)) {
    query['PolicyType'] = request.policyType;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListControlPolicies',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries access control policies.
 *
 * @description This topic provides an example on how to call the API operation to query the system access control policies within a resource directory. The response shows that the resource directory has only one system access control policy. The policy is named `FullAliyunAccess`.
 *
 * @param request ListControlPoliciesRequest
 * @return ListControlPoliciesResponse
 */
async function listControlPolicies(request: ListControlPoliciesRequest): ListControlPoliciesResponse {
  var runtime = new Util.RuntimeOptions{};
  return listControlPoliciesWithOptions(request, runtime);
}

model ListControlPolicyAttachmentsForTargetRequest {
  language?: string(name='Language', description='The language in which you want to return the descriptions of the access control policies. Valid values:

*   zh-CN (default value): Chinese
*   en: English
*   ja: Japanese

>  This parameter is valid only for system access control policies.', example='zh-CN'),
  targetId?: string(name='TargetId', description='The ID of the object whose access control policies you want to query. Access control policies can be attached to the following objects:

*   Root folder
*   Subfolders of the Root folder
*   Members

This parameter is required.', example='fd-ZDNPiT****'),
}

model ListControlPolicyAttachmentsForTargetResponseBody = {
  controlPolicyAttachments?: {
    controlPolicyAttachment?: [ 
    {
      attachDate?: string(name='AttachDate', description='The time when the access control policy was attached.', example='2021-03-19T02:56:24Z'),
      description?: string(name='Description', description='The description of the access control policy.', example='ExampleControlPolicy'),
      effectScope?: string(name='EffectScope', description='The effective scope of the access control policy. Valid values:

*   All: The access control policy is in effect for Alibaba Cloud accounts, RAM users, and RAM roles.
*   RAM: The access control policy is in effect only for RAM users and RAM roles.', example='RAM'),
      policyId?: string(name='PolicyId', description='The ID of the access control policy.', example='cp-jExXAqIYkwHN****'),
      policyName?: string(name='PolicyName', description='The name of the access control policy.', example='ExampleControlPolicy'),
      policyType?: string(name='PolicyType', description='The type of the access control policy. Valid values:

*   System: system access control policy
*   Custom: custom access control policy', example='Custom'),
    }
  ](name='ControlPolicyAttachment')
  }(name='ControlPolicyAttachments', description='The attached access control policies.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='C276B600-7B7A-49E8-938C-E16CFA955A82'),
}

model ListControlPolicyAttachmentsForTargetResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListControlPolicyAttachmentsForTargetResponseBody(name='body'),
}

/**
 * @description This topic provides an example on how to call the API operation to query the access control policies that are attached to the folder `fd-ZDNPiT****`.
 *
 * @param request ListControlPolicyAttachmentsForTargetRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListControlPolicyAttachmentsForTargetResponse
 */
async function listControlPolicyAttachmentsForTargetWithOptions(request: ListControlPolicyAttachmentsForTargetRequest, runtime: Util.RuntimeOptions): ListControlPolicyAttachmentsForTargetResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.language)) {
    query['Language'] = request.language;
  }
  if (!Util.isUnset(request.targetId)) {
    query['TargetId'] = request.targetId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListControlPolicyAttachmentsForTarget',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @description This topic provides an example on how to call the API operation to query the access control policies that are attached to the folder `fd-ZDNPiT****`.
 *
 * @param request ListControlPolicyAttachmentsForTargetRequest
 * @return ListControlPolicyAttachmentsForTargetResponse
 */
async function listControlPolicyAttachmentsForTarget(request: ListControlPolicyAttachmentsForTargetRequest): ListControlPolicyAttachmentsForTargetResponse {
  var runtime = new Util.RuntimeOptions{};
  return listControlPolicyAttachmentsForTargetWithOptions(request, runtime);
}

model ListDelegatedAdministratorsRequest {
  pageNumber?: long(name='PageNumber', description='The number of the page to return.

Pages start from page 1. Default value: 1.', example='1'),
  pageSize?: long(name='PageSize', description='The number of entries to return on each page.

Valid values: 1 to 100. Default value: 10.', example='10'),
  servicePrincipal?: string(name='ServicePrincipal', description='The identifier of the trusted service.

For more information, see the `Trusted service identifier` column in [Supported trusted services](https://help.aliyun.com/document_detail/208133.html).', example='cloudfw.aliyuncs.com'),
}

model ListDelegatedAdministratorsResponseBody = {
  accounts?: {
    account?: [ 
    {
      accountId?: string(name='AccountId', description='The ID of the member.', example='138660628348****'),
      delegationEnabledTime?: string(name='DelegationEnabledTime', description='The time when the member was specified as a delegated administrator account.', example='1616652684164'),
      displayName?: string(name='DisplayName', description='The display name of the member.', example='abc'),
      joinMethod?: string(name='JoinMethod', description='The way in which the member joins the resource directory. Valid values:

*   invited: The member is invited to join the resource directory.
*   created: The member is directly created in the resource directory.', example='created'),
      servicePrincipal?: string(name='ServicePrincipal', description='The identifier of the trusted service.', example='cloudfw.aliyuncs.com'),
    }
  ](name='Account')
  }(name='Accounts', description='The information of the delegated administrator accounts.'),
  pageNumber?: long(name='PageNumber', description='The page number of the returned page.', example='1'),
  pageSize?: long(name='PageSize', description='The number of entries returned per page.', example='10'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='009C3A02-7D4B-416C-9CE7-548C91508F1E'),
  totalCount?: long(name='TotalCount', description='The total number of entries returned.', example='2'),
}

model ListDelegatedAdministratorsResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListDelegatedAdministratorsResponseBody(name='body'),
}

/**
 * @summary 列出所有的代理管理员
 *
 * @description This topic provides an example on how to call the API operation to query all delegated administrator accounts in a resource directory. The response shows that two delegated administrator accounts for Cloud Firewall exist in the resource directory.
 *
 * @param request ListDelegatedAdministratorsRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListDelegatedAdministratorsResponse
 */
async function listDelegatedAdministratorsWithOptions(request: ListDelegatedAdministratorsRequest, runtime: Util.RuntimeOptions): ListDelegatedAdministratorsResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.pageNumber)) {
    query['PageNumber'] = request.pageNumber;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.servicePrincipal)) {
    query['ServicePrincipal'] = request.servicePrincipal;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListDelegatedAdministrators',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary 列出所有的代理管理员
 *
 * @description This topic provides an example on how to call the API operation to query all delegated administrator accounts in a resource directory. The response shows that two delegated administrator accounts for Cloud Firewall exist in the resource directory.
 *
 * @param request ListDelegatedAdministratorsRequest
 * @return ListDelegatedAdministratorsResponse
 */
async function listDelegatedAdministrators(request: ListDelegatedAdministratorsRequest): ListDelegatedAdministratorsResponse {
  var runtime = new Util.RuntimeOptions{};
  return listDelegatedAdministratorsWithOptions(request, runtime);
}

model ListDelegatedServicesForAccountRequest {
  accountId?: string(name='AccountId', description='The ID of the member.

This parameter is required.', example='138660628348****'),
}

model ListDelegatedServicesForAccountResponseBody = {
  delegatedServices?: {
    delegatedService?: [ 
    {
      delegationEnabledTime?: string(name='DelegationEnabledTime', description='The time when the member was specified as a delegated administrator account of the trusted service.', example='1616652684164'),
      servicePrincipal?: string(name='ServicePrincipal', description='The identification of the trusted service.', example='cloudfw.aliyuncs.com'),
      status?: string(name='Status', description='The status of the trusted service. Valid values:

*   ENABLED: enabled
*   DISABLED: disabled', example='ENABLED'),
    }
  ](name='DelegatedService')
  }(name='DelegatedServices', description='The trusted services.

>  If the value of this parameter is empty, the member is not specified as a delegated administrator account.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='D9C03B94-9396-4794-A74B-13DC437556A6'),
}

model ListDelegatedServicesForAccountResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListDelegatedServicesForAccountResponseBody(name='body'),
}

/**
 * @summary 查看指定账号被设置为哪些可信服务的委派管理员
 *
 * @description This topic provides an example on how to call the API operation to query the trusted services for which the member `138660628348****` is specified as a delegated administrator account. The response shows that the member is specified as a delegated administrator account of Cloud Firewall.
 *
 * @param request ListDelegatedServicesForAccountRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListDelegatedServicesForAccountResponse
 */
async function listDelegatedServicesForAccountWithOptions(request: ListDelegatedServicesForAccountRequest, runtime: Util.RuntimeOptions): ListDelegatedServicesForAccountResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.accountId)) {
    query['AccountId'] = request.accountId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListDelegatedServicesForAccount',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary 查看指定账号被设置为哪些可信服务的委派管理员
 *
 * @description This topic provides an example on how to call the API operation to query the trusted services for which the member `138660628348****` is specified as a delegated administrator account. The response shows that the member is specified as a delegated administrator account of Cloud Firewall.
 *
 * @param request ListDelegatedServicesForAccountRequest
 * @return ListDelegatedServicesForAccountResponse
 */
async function listDelegatedServicesForAccount(request: ListDelegatedServicesForAccountRequest): ListDelegatedServicesForAccountResponse {
  var runtime = new Util.RuntimeOptions{};
  return listDelegatedServicesForAccountWithOptions(request, runtime);
}

model ListFoldersForParentRequest {
  pageNumber?: int32(name='PageNumber', description='The number of the page to return.

Pages start from page 1. Default value: 1.', example='1'),
  pageSize?: int32(name='PageSize', description='The number of entries to return on each page.

Valid values: 1 to 100. Default value: 10.', example='10'),
  parentFolderId?: string(name='ParentFolderId', description='The ID of the parent folder.

If you leave this parameter empty, the information of the first-level subfolders of the Root folder is queried.', example='r-b1****'),
  queryKeyword?: string(name='QueryKeyword', description='The keyword used for the query, such as a folder name.

Fuzzy match is supported.', example='rdFolder'),
}

model ListFoldersForParentResponseBody = {
  folders?: {
    folder?: [ 
    {
      createTime?: string(name='CreateTime', description='The time when the folder was created.', example='2015-01-23T12:33:18Z'),
      folderId?: string(name='FolderId', description='The ID of the folder.', example='rd-evic31****'),
      folderName?: string(name='FolderName', description='The name of the folder.', example='project-1'),
    }
  ](name='Folder')
  }(name='Folders', description='The information of the folders.'),
  pageNumber?: int32(name='PageNumber', description='The page number of the returned page.', example='1'),
  pageSize?: int32(name='PageSize', description='The number of entries returned per page.', example='5'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='7B8A4E7D-6CFF-471D-84DF-195A7A241ECB'),
  totalCount?: int32(name='TotalCount', description='The total number of entries returned.', example='2'),
}

model ListFoldersForParentResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListFoldersForParentResponseBody(name='body'),
}

/**
 * @description >  You can view the information of only the first-level subfolders of a folder.
 *
 * @param request ListFoldersForParentRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListFoldersForParentResponse
 */
async function listFoldersForParentWithOptions(request: ListFoldersForParentRequest, runtime: Util.RuntimeOptions): ListFoldersForParentResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.pageNumber)) {
    query['PageNumber'] = request.pageNumber;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.parentFolderId)) {
    query['ParentFolderId'] = request.parentFolderId;
  }
  if (!Util.isUnset(request.queryKeyword)) {
    query['QueryKeyword'] = request.queryKeyword;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListFoldersForParent',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @description >  You can view the information of only the first-level subfolders of a folder.
 *
 * @param request ListFoldersForParentRequest
 * @return ListFoldersForParentResponse
 */
async function listFoldersForParent(request: ListFoldersForParentRequest): ListFoldersForParentResponse {
  var runtime = new Util.RuntimeOptions{};
  return listFoldersForParentWithOptions(request, runtime);
}

model ListHandshakesForAccountRequest {
  pageNumber?: int32(name='PageNumber', description='The number of the page to return.

Pages start from page 1. Default value: 1.', example='1'),
  pageSize?: int32(name='PageSize', description='The number of entries to return on each page.

Valid values: 1 to 100. Default value: 10.', example='10'),
}

model ListHandshakesForAccountResponseBody = {
  handshakes?: {
    handshake?: [ 
    {
      createTime?: string(name='CreateTime', description='The time when the invitation was created. The time is displayed in UTC.', example='2018-08-10T09:55:41Z'),
      expireTime?: string(name='ExpireTime', description='The time when the invitation expires. The time is displayed in UTC.', example='2018-08-24T09:55:41Z'),
      handshakeId?: string(name='HandshakeId', description='The ID of the invitation.', example='h-4N57QZzCTtES****'),
      masterAccountId?: string(name='MasterAccountId', description='The ID of the management account of the resource directory.', example='172841235500****'),
      masterAccountName?: string(name='MasterAccountName', description='The name of the management account of the resource directory.', example='CompanyA'),
      modifyTime?: string(name='ModifyTime', description='The time when the invitation was modified. The time is displayed in UTC.', example='2018-08-10T09:55:41Z'),
      note?: string(name='Note', description='The comment on the invitation.', example='Welcome'),
      resourceDirectoryId?: string(name='ResourceDirectoryId', description='The ID of the resource directory.', example='rd-abcdef****'),
      status?: string(name='Status', description='The status of the invitation. Valid values:

*   Pending: The invitation is waiting for confirmation.
*   Accepted: The invitation is accepted.
*   Cancelled: The invitation is canceled.
*   Declined: The invitation is rejected.
*   Expired: The invitation expires.', example='Pending'),
      targetEntity?: string(name='TargetEntity', description='The ID or logon email address of the invited Alibaba Cloud account.', example='someone@example.com'),
      targetType?: string(name='TargetType', description='The type of the invited Alibaba Cloud account. Valid values:

*   Account: indicates the ID of the account.
*   Email: indicates the logon email address of the account.', example='Email'),
    }
  ](name='Handshake')
  }(name='Handshakes', description='The information of the invitations.'),
  pageNumber?: int32(name='PageNumber', description='The page number of the returned page.', example='1'),
  pageSize?: int32(name='PageSize', description='The number of entries returned per page.', example='10'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='9B34724D-54B0-4A51-B34D-4512372FE1BE'),
  totalCount?: int32(name='TotalCount', description='The total number of invitations.', example='2'),
}

model ListHandshakesForAccountResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListHandshakesForAccountResponseBody(name='body'),
}

/**
 * @summary Queries the invitations that are associated with an account.
 *
 * @description This topic provides an example on how to call the API operation to query the invitations that are associated with the management account `172841235500****`. The response shows that two invitations are associated with the management account.
 *
 * @param request ListHandshakesForAccountRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListHandshakesForAccountResponse
 */
async function listHandshakesForAccountWithOptions(request: ListHandshakesForAccountRequest, runtime: Util.RuntimeOptions): ListHandshakesForAccountResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.pageNumber)) {
    query['PageNumber'] = request.pageNumber;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListHandshakesForAccount',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries the invitations that are associated with an account.
 *
 * @description This topic provides an example on how to call the API operation to query the invitations that are associated with the management account `172841235500****`. The response shows that two invitations are associated with the management account.
 *
 * @param request ListHandshakesForAccountRequest
 * @return ListHandshakesForAccountResponse
 */
async function listHandshakesForAccount(request: ListHandshakesForAccountRequest): ListHandshakesForAccountResponse {
  var runtime = new Util.RuntimeOptions{};
  return listHandshakesForAccountWithOptions(request, runtime);
}

model ListHandshakesForResourceDirectoryRequest {
  pageNumber?: int32(name='PageNumber', description='The number of the page to return.

Pages start from page 1. Default value: 1.', example='1'),
  pageSize?: int32(name='PageSize', description='The number of entries to return on each page.

Valid values: 1 to 100. Default value: 10.', example='10'),
}

model ListHandshakesForResourceDirectoryResponseBody = {
  handshakes?: {
    handshake?: [ 
    {
      createTime?: string(name='CreateTime', description='The time when the invitation was created. The time is displayed in UTC.', example='2018-08-10T09:55:41Z'),
      expireTime?: string(name='ExpireTime', description='The time when the invitation expires. The time is displayed in UTC.', example='2018-08-24T09:55:41Z'),
      handshakeId?: string(name='HandshakeId', description='The ID of the invitation.', example='h-ycm4rp****'),
      masterAccountId?: string(name='MasterAccountId', description='The ID of the management account of the resource directory.', example='172841235500****'),
      masterAccountName?: string(name='MasterAccountName', description='The name of the management account of the resource directory.', example='Alice'),
      modifyTime?: string(name='ModifyTime', description='The time when the invitation was modified. The time is displayed in UTC.', example='2018-08-10T09:55:41Z'),
      note?: string(name='Note', description='The comment on the invitation.', example='Welcome'),
      resourceDirectoryId?: string(name='ResourceDirectoryId', description='The ID of the resource directory.', example='rd-abcdef****'),
      status?: string(name='Status', description='The status of the invitation. Valid values:

*   Pending: The invitation is waiting for confirmation.
*   Accepted: The invitation is accepted.
*   Cancelled: The invitation is canceled.
*   Declined: The invitation is rejected.
*   Expired: The invitation expires.', example='Pending'),
      targetEntity?: string(name='TargetEntity', description='The ID or logon email address of the invited account.', example='someone@example.com'),
      targetType?: string(name='TargetType', description='The type of the invited account. Valid values:

*   Account: indicates the ID of the account.
*   Email: indicates the logon email address of the account.', example='Email'),
    }
  ](name='Handshake')
  }(name='Handshakes', description='The information of the invitations.'),
  pageNumber?: int32(name='PageNumber', description='The page number of the returned page.', example='1'),
  pageSize?: int32(name='PageSize', description='The number of entries returned per page.', example='10'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='9B34724D-54B0-4A51-B34D-4512372FE1BE'),
  totalCount?: int32(name='TotalCount', description='The total number of entries returned.', example='2'),
}

model ListHandshakesForResourceDirectoryResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListHandshakesForResourceDirectoryResponseBody(name='body'),
}

/**
 * @summary Queries invitations in a resource directory.
 *
 * @param request ListHandshakesForResourceDirectoryRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListHandshakesForResourceDirectoryResponse
 */
async function listHandshakesForResourceDirectoryWithOptions(request: ListHandshakesForResourceDirectoryRequest, runtime: Util.RuntimeOptions): ListHandshakesForResourceDirectoryResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.pageNumber)) {
    query['PageNumber'] = request.pageNumber;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListHandshakesForResourceDirectory',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries invitations in a resource directory.
 *
 * @param request ListHandshakesForResourceDirectoryRequest
 * @return ListHandshakesForResourceDirectoryResponse
 */
async function listHandshakesForResourceDirectory(request: ListHandshakesForResourceDirectoryRequest): ListHandshakesForResourceDirectoryResponse {
  var runtime = new Util.RuntimeOptions{};
  return listHandshakesForResourceDirectoryWithOptions(request, runtime);
}

model ListPoliciesRequest {
  language?: string(name='Language', description='The language that is used to return the description of the system policy. Valid values:

*   en: English
*   zh-CN: Chinese
*   ja: Japanese', example='zh-CN'),
  pageNumber?: int32(name='PageNumber', description='The number of the page to return.

Pages start from page 1. Default value: 1.', example='1'),
  pageSize?: int32(name='PageSize', description='The number of entries to return on each page.

Valid values: 1 to 100. Default value: 10.', example='10'),
  policyType?: string(name='PolicyType', description='The type of the policy. If you do not specify this parameter, the system lists all types of policies. Valid values:

*   Custom: custom policy
*   System: system policy', example='Custom'),
}

model ListPoliciesResponseBody = {
  pageNumber?: int32(name='PageNumber', description='The page number of the returned page.', example='1'),
  pageSize?: int32(name='PageSize', description='The number of entries returned per page.', example='10'),
  policies?: {
    policy?: [ 
    {
      attachmentCount?: int32(name='AttachmentCount', description='The number of times the policy is referenced.', example='1'),
      createDate?: string(name='CreateDate', description='The time when the policy was created.', example='2015-01-23T12:33:18Z'),
      defaultVersion?: string(name='DefaultVersion', description='The default version of the policy.', example='v1'),
      description?: string(name='Description', description='The description of the policy.', example='OSS administrator'),
      policyName?: string(name='PolicyName', description='The name of the policy.', example='OSS-Administrator'),
      policyType?: string(name='PolicyType', description='The type of the policy. Valid values:

*   Custom: custom policy
*   System: system policy', example='Custom'),
      updateDate?: string(name='UpdateDate', description='The time when the policy was updated.', example='2016-02-11T18:39:12Z'),
    }
  ](name='Policy')
  }(name='Policies', description='The information of the policies.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='7B8A4E7D-6CFF-471D-84DF-195A7A241ECB'),
  totalCount?: int32(name='TotalCount', description='The total number of returned entries.', example='2'),
}

model ListPoliciesResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListPoliciesResponseBody(name='body'),
}

/**
 * @summary Queries policies.
 *
 * @param request ListPoliciesRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListPoliciesResponse
 */
async function listPoliciesWithOptions(request: ListPoliciesRequest, runtime: Util.RuntimeOptions): ListPoliciesResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.language)) {
    query['Language'] = request.language;
  }
  if (!Util.isUnset(request.pageNumber)) {
    query['PageNumber'] = request.pageNumber;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.policyType)) {
    query['PolicyType'] = request.policyType;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListPolicies',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries policies.
 *
 * @param request ListPoliciesRequest
 * @return ListPoliciesResponse
 */
async function listPolicies(request: ListPoliciesRequest): ListPoliciesResponse {
  var runtime = new Util.RuntimeOptions{};
  return listPoliciesWithOptions(request, runtime);
}

model ListPolicyAttachmentsRequest {
  language?: string(name='Language', description='The language that is used to return the description of the system policy. Valid values:

*   en: English
*   zh-CN: Chinese
*   ja: Japanese', example='zh-CN'),
  pageNumber?: int32(name='PageNumber', description='The number of the page to return.

Pages start from page 1. Default value: 1.', example='1'),
  pageSize?: int32(name='PageSize', description='The number of entries to return on each page.

Valid values: 1 to 100. Default value: 10.', example='10'),
  policyName?: string(name='PolicyName', description='The name of the policy.

The name must be 1 to 128 characters in length and can contain letters, digits, and hyphens (-).', example='AdministratorAccess'),
  policyType?: string(name='PolicyType', description='The type of the policy. If you do not specify this parameter, the system lists all types of policies. Valid values:

*   Custom: custom policy
*   System: system policy', example='System'),
  principalName?: string(name='PrincipalName', description='The name of the object to which the policy is attached.', example='alice@demo.onaliyun.com'),
  principalType?: string(name='PrincipalType', description='The type of the object to which the policy is attached. If you do not specify this parameter, the system lists all types of objects. Valid values:

*   IMSUser: RAM user
*   IMSGroup: RAM user group
*   ServiceRole: RAM role', example='IMSUser'),
  resourceGroupId?: string(name='ResourceGroupId', description='The ID of the resource group or the ID of the Alibaba Cloud account to which the resource group belongs. If you do not specify this parameter, the system lists all policy attachment records under the current account.', example='rg-001'),
}

model ListPolicyAttachmentsResponseBody = {
  pageNumber?: int32(name='PageNumber', description='The page number of the returned page.', example='1'),
  pageSize?: int32(name='PageSize', description='The number of entries returned per page.', example='10'),
  policyAttachments?: {
    policyAttachment?: [ 
    {
      attachDate?: string(name='AttachDate', description='The time when the policy was attached.', example='2015-01-23T12:33:18Z'),
      description?: string(name='Description', description='The description of the policy.', example='The description of the policy.'),
      policyName?: string(name='PolicyName', description='The name of the policy.', example='AdministratorAccess'),
      policyType?: string(name='PolicyType', description='The type of the policy. Valid values:

*   Custom: custom policy
*   System: system policy', example='System'),
      principalName?: string(name='PrincipalName', description='The name of the object to which the policy is attached.', example='alice@demo.onaliyun.com'),
      principalType?: string(name='PrincipalType', description='The type of the object to which the policy is attached. Valid values:

*   IMSUser: RAM user
*   IMSGroup: RAM user group
*   ServiceRole: RAM role', example='IMSUser'),
      resourceGroupId?: string(name='ResourceGroupId', description='The ID of the resource group or the ID of the Alibaba Cloud account to which the resource group belongs.', example='rg-9gLOoK****'),
    }
  ](name='PolicyAttachment')
  }(name='PolicyAttachments', description='The policy attachment records.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='7B8A4E7D-6CFF-471D-84DF-195A7A241ECB'),
  totalCount?: int32(name='TotalCount', description='The total number of returned entries.', example='2'),
}

model ListPolicyAttachmentsResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListPolicyAttachmentsResponseBody(name='body'),
}

/**
 * @summary Queries policy attachment records.
 *
 * @description You can view the following information:
 * *   Policy attachment records under an Alibaba Cloud account or a resource group
 * *   Policies attached to RAM users, RAM user groups, or RAM roles
 * *   RAM users, RAM user groups, or RAM roles to which policies are attached under an Alibaba Cloud account or a resource group
 *
 * @param request ListPolicyAttachmentsRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListPolicyAttachmentsResponse
 */
async function listPolicyAttachmentsWithOptions(request: ListPolicyAttachmentsRequest, runtime: Util.RuntimeOptions): ListPolicyAttachmentsResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.language)) {
    query['Language'] = request.language;
  }
  if (!Util.isUnset(request.pageNumber)) {
    query['PageNumber'] = request.pageNumber;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.policyName)) {
    query['PolicyName'] = request.policyName;
  }
  if (!Util.isUnset(request.policyType)) {
    query['PolicyType'] = request.policyType;
  }
  if (!Util.isUnset(request.principalName)) {
    query['PrincipalName'] = request.principalName;
  }
  if (!Util.isUnset(request.principalType)) {
    query['PrincipalType'] = request.principalType;
  }
  if (!Util.isUnset(request.resourceGroupId)) {
    query['ResourceGroupId'] = request.resourceGroupId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListPolicyAttachments',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries policy attachment records.
 *
 * @description You can view the following information:
 * *   Policy attachment records under an Alibaba Cloud account or a resource group
 * *   Policies attached to RAM users, RAM user groups, or RAM roles
 * *   RAM users, RAM user groups, or RAM roles to which policies are attached under an Alibaba Cloud account or a resource group
 *
 * @param request ListPolicyAttachmentsRequest
 * @return ListPolicyAttachmentsResponse
 */
async function listPolicyAttachments(request: ListPolicyAttachmentsRequest): ListPolicyAttachmentsResponse {
  var runtime = new Util.RuntimeOptions{};
  return listPolicyAttachmentsWithOptions(request, runtime);
}

model ListPolicyVersionsRequest {
  policyName?: string(name='PolicyName', description='The name of the policy.

The name must be 1 to 128 characters in length and can contain letters, digits, and hyphens (-).

This parameter is required.', example='OSS-Administrator'),
  policyType?: string(name='PolicyType', description='The type of the policy. Valid values:

*   Custom: custom policy
*   System: system policy

This parameter is required.', example='Custom'),
}

model ListPolicyVersionsResponseBody = {
  policyVersions?: {
    policyVersion?: [ 
    {
      createDate?: string(name='CreateDate', description='The time when the policy version was created.', example='2015-01-23T12:33:18Z'),
      isDefaultVersion?: boolean(name='IsDefaultVersion', description='Indicates whether the policy version is the default version.', example='false'),
      versionId?: string(name='VersionId', description='The ID of the policy version.', example='v3'),
    }
  ](name='PolicyVersion')
  }(name='PolicyVersions', description='The information of the policy versions.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='7B8A4E7D-6CFF-471D-84DF-195A7A241ECB'),
}

model ListPolicyVersionsResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListPolicyVersionsResponseBody(name='body'),
}

/**
 * @summary 查看权限策略版本列表
 *
 * @param request ListPolicyVersionsRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListPolicyVersionsResponse
 */
async function listPolicyVersionsWithOptions(request: ListPolicyVersionsRequest, runtime: Util.RuntimeOptions): ListPolicyVersionsResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.policyName)) {
    query['PolicyName'] = request.policyName;
  }
  if (!Util.isUnset(request.policyType)) {
    query['PolicyType'] = request.policyType;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListPolicyVersions',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary 查看权限策略版本列表
 *
 * @param request ListPolicyVersionsRequest
 * @return ListPolicyVersionsResponse
 */
async function listPolicyVersions(request: ListPolicyVersionsRequest): ListPolicyVersionsResponse {
  var runtime = new Util.RuntimeOptions{};
  return listPolicyVersionsWithOptions(request, runtime);
}

model ListResourceGroupsRequest {
  displayName?: string(name='DisplayName', description='The display name of the resource group. This parameter specifies a filter condition for the query. Fuzzy match is supported.

The display name can be a maximum of 50 characters in length.', example='my-project'),
  includeTags?: boolean(name='IncludeTags', description='Specifies whether to return the information of tags. Valid values:

*   false (default value)
*   true

>  If you configure the Tag parameter, the system returns the information of tags regardless of the setting of the `IncludeTags` parameter.', example='false'),
  name?: string(name='Name', description='The identifier of the resource group. This parameter specifies a filter condition for the query. Fuzzy match is supported.

The identifier can be a maximum of 50 characters in length and can contain letters, digits, and hyphens (-).', example='my-project'),
  pageNumber?: int32(name='PageNumber', description='The number of the page to return.

Pages start from page 1. Default value: 1.', example='1'),
  pageSize?: int32(name='PageSize', description='The number of entries to return on each page.

Valid values: 1 to 100. Default value: 10.', example='10'),
  resourceGroupId?: string(name='ResourceGroupId', description='The ID of the resource group. This parameter specifies a filter condition for the query.

The ID can be a maximum of 18 characters in length and must start with `rg-`.

>  This parameter is incorporated into the `ResourceGroupIds` parameter. If you configure both the `ResourceGroupId` and `ResourceGroupIds` parameters, the value of the `ResourceGroupIds` parameter prevails.', example='rg-9gLOoK****'),
  resourceGroupIds?: [ string ](name='ResourceGroupIds', description='The IDs of the resource groups. This parameter specifies a filter condition for the query.

You can specify a maximum of 100 resource group IDs.

>  If you configure both the `ResourceGroupId` and `ResourceGroupIds` parameters, the value of the `ResourceGroupIds` parameter prevails.'),
  status?: string(name='Status', description='The status of the resource group. This parameter specifies a filter condition for the query. Valid values:

*   Creating: The resource group is being created.
*   OK: The resource group is created.
*   PendingDelete: The resource group is waiting to be deleted.', example='OK'),
  tag?: [ 
    {
      key?: string(name='Key', description='The tag key.', example='k1'),
      value?: string(name='Value', description='The tag value.', example='v1'),
    }
  ](name='Tag', description='The tag. This parameter specifies a filter condition for the query.'),
}

model ListResourceGroupsResponseBody = {
  pageNumber?: int32(name='PageNumber', description='The page number of the returned page.', example='1'),
  pageSize?: int32(name='PageSize', description='The number of entries returned per page.', example='10'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='4B450CA1-36E8-4AA2-8461-86B42BF4CC4E'),
  resourceGroups?: {
    resourceGroup?: [ 
    {
      accountId?: string(name='AccountId', description='The ID of the Alibaba Cloud account to which the resource group belongs.', example='123456789****'),
      createDate?: string(name='CreateDate', description='The time when the resource group was created. The time is displayed in UTC.', example='2015-01-23T12:33:18Z'),
      displayName?: string(name='DisplayName', description='The display name of the resource group.', example='my-project'),
      id?: string(name='Id', description='The ID of the resource group.', example='rg-9gLOoK****'),
      name?: string(name='Name', description='The identifier of the resource group.', example='my-project'),
      status?: string(name='Status', description='The status of the resource group. Valid values:

*   Creating: The resource group is being created.
*   OK: The resource group is created.
*   PendingDelete: The resource group is waiting to be deleted.', example='OK'),
      tags?: {
        tag?: [ 
        {
          tagKey?: string(name='TagKey', description='The tag key.', example='k1'),
          tagValue?: string(name='TagValue', description='The tag value.', example='v1'),
        }
      ](name='Tag')
      }(name='Tags', description='The tags that are added to the resource group.'),
    }
  ](name='ResourceGroup')
  }(name='ResourceGroups', description='The information of the resource groups.'),
  totalCount?: int32(name='TotalCount', description='The total number of entries returned.', example='2'),
}

model ListResourceGroupsResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListResourceGroupsResponseBody(name='body'),
}

/**
 * @description You can call this API operation to query all resource groups within the current account. You can also call this API operation to query a specific resource group based on the status, ID, identifier, or display name of the resource group.
 * This topic provides an example on how to call the API operation to query the basic information about the resource groups `rg-1hSBH2****` and `rg-9gLOoK****` within the current account.
 *
 * @param request ListResourceGroupsRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListResourceGroupsResponse
 */
async function listResourceGroupsWithOptions(request: ListResourceGroupsRequest, runtime: Util.RuntimeOptions): ListResourceGroupsResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.displayName)) {
    query['DisplayName'] = request.displayName;
  }
  if (!Util.isUnset(request.includeTags)) {
    query['IncludeTags'] = request.includeTags;
  }
  if (!Util.isUnset(request.name)) {
    query['Name'] = request.name;
  }
  if (!Util.isUnset(request.pageNumber)) {
    query['PageNumber'] = request.pageNumber;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.resourceGroupId)) {
    query['ResourceGroupId'] = request.resourceGroupId;
  }
  if (!Util.isUnset(request.resourceGroupIds)) {
    query['ResourceGroupIds'] = request.resourceGroupIds;
  }
  if (!Util.isUnset(request.status)) {
    query['Status'] = request.status;
  }
  if (!Util.isUnset(request.tag)) {
    query['Tag'] = request.tag;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListResourceGroups',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @description You can call this API operation to query all resource groups within the current account. You can also call this API operation to query a specific resource group based on the status, ID, identifier, or display name of the resource group.
 * This topic provides an example on how to call the API operation to query the basic information about the resource groups `rg-1hSBH2****` and `rg-9gLOoK****` within the current account.
 *
 * @param request ListResourceGroupsRequest
 * @return ListResourceGroupsResponse
 */
async function listResourceGroups(request: ListResourceGroupsRequest): ListResourceGroupsResponse {
  var runtime = new Util.RuntimeOptions{};
  return listResourceGroupsWithOptions(request, runtime);
}

model ListResourcesRequest {
  pageNumber?: int32(name='PageNumber', description='The page number.

Pages start from page 1. Default value: 1.', example='1'),
  pageSize?: int32(name='PageSize', description='The number of entries per page.

Valid values: 1 to 100. Default value: 10.', example='10'),
  region?: string(name='Region', description='The region ID.', example='cn-hangzhou'),
  resourceGroupId?: string(name='ResourceGroupId', description='The ID of the resource group.', example='rg-uPJpP****'),
  resourceId?: string(name='ResourceId', description='The ID of the resource.', example='i-23v38****'),
  resourceType?: string(name='ResourceType', description='The resource type.

For more information about the supported resource types, see the **Resource type** column in [Services that work with Resource Group](https://help.aliyun.com/document_detail/94479.html).', example='instance'),
  resourceTypes?: [ 
    {
      resourceType?: string(name='ResourceType', description='The resource type.

Valid values of N: 1 to 50.

For more information about the supported resource types, see the **Resource type** column in [Services that work with Resource Group](https://help.aliyun.com/document_detail/94479.html).

>  You must configure both `Service` and `ResourceType` in `ResourceTypes`. Otherwise, the two parameters do not take effect.', example='instance'),
      service?: string(name='Service', description='The ID of the Alibaba Cloud service.

Valid values of N: 1 to 50.

You can obtain the ID from the **Service code** column in [Services that work with Resource Group](https://help.aliyun.com/document_detail/94479.html).

>  You must configure both `Service` and `ResourceType` in `ResourceTypes`. Otherwise, the two parameters do not take effect.', example='ecs'),
    }
  ](name='ResourceTypes', description='The resource types. A maximum of 50 resource types are supported.

>  If you configure `ResourceTypes`, you must configure both `Service` and `ResourceType`. Otherwise, the configured Service or ResourceType does not take effect.'),
  service?: string(name='Service', description='The ID of the Alibaba Cloud service.

You can obtain the ID from the **Service code** column in [Services that work with Resource Group](https://help.aliyun.com/document_detail/94479.html).', example='ecs'),
}

model ListResourcesResponseBody = {
  pageNumber?: int32(name='PageNumber', description='The page number.', example='1'),
  pageSize?: int32(name='PageSize', description='The number of entries per page.', example='10'),
  requestId?: string(name='RequestId', description='The request ID.', example='04F0F334-1335-436C-A1D7-6C044FE73368'),
  resources?: {
    resource?: [ 
    {
      createDate?: string(name='CreateDate', description='The time when the resource was created. The time is displayed in UTC.', example='2015-01-23T12:33:18Z'),
      regionId?: string(name='RegionId', description='The region ID.', example='cn-hangzhou'),
      resourceGroupId?: string(name='ResourceGroupId', description='The ID of the resource group.', example='rg-uPJpP****'),
      resourceId?: string(name='ResourceId', description='The ID of the resource.', example='i-23v38****'),
      resourceType?: string(name='ResourceType', description='The resource type.', example='instance'),
      service?: string(name='Service', description='The ID of the Alibaba Cloud service.', example='ecs'),
    }
  ](name='Resource')
  }(name='Resources', description='The information about the resources.'),
  totalCount?: int32(name='TotalCount', description='The total number of entries returned.', example='1'),
}

model ListResourcesResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListResourcesResponseBody(name='body'),
}

/**
 * @summary Queries resources that can be accessed by the current account in resource groups.
 *
 * @description >  You can use a RAM role that is not associated with a session policy to call this API operation.
 * This topic provides an example on how to call the API operation to query resources that can be accessed by the current account in resource groups. The response shows that the current account can access only the Elastic Compute Service (ECS) instance `i-23v38****` in the resource group `rg-uPJpP****`.
 *
 * @param request ListResourcesRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListResourcesResponse
 */
async function listResourcesWithOptions(request: ListResourcesRequest, runtime: Util.RuntimeOptions): ListResourcesResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.pageNumber)) {
    query['PageNumber'] = request.pageNumber;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.region)) {
    query['Region'] = request.region;
  }
  if (!Util.isUnset(request.resourceGroupId)) {
    query['ResourceGroupId'] = request.resourceGroupId;
  }
  if (!Util.isUnset(request.resourceId)) {
    query['ResourceId'] = request.resourceId;
  }
  if (!Util.isUnset(request.resourceType)) {
    query['ResourceType'] = request.resourceType;
  }
  if (!Util.isUnset(request.resourceTypes)) {
    query['ResourceTypes'] = request.resourceTypes;
  }
  if (!Util.isUnset(request.service)) {
    query['Service'] = request.service;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListResources',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries resources that can be accessed by the current account in resource groups.
 *
 * @description >  You can use a RAM role that is not associated with a session policy to call this API operation.
 * This topic provides an example on how to call the API operation to query resources that can be accessed by the current account in resource groups. The response shows that the current account can access only the Elastic Compute Service (ECS) instance `i-23v38****` in the resource group `rg-uPJpP****`.
 *
 * @param request ListResourcesRequest
 * @return ListResourcesResponse
 */
async function listResources(request: ListResourcesRequest): ListResourcesResponse {
  var runtime = new Util.RuntimeOptions{};
  return listResourcesWithOptions(request, runtime);
}

model ListRolesRequest {
  language?: string(name='Language', description='The language that is used to return the descriptions of the RAM roles. Valid values:

*   en: English
*   zh-CN: Chinese
*   ja: Japanese', example='zh-CN'),
  pageNumber?: int32(name='PageNumber', description='The number of the page to return.

Pages start from page 1. Default value: 1.', example='1'),
  pageSize?: int32(name='PageSize', description='The number of entries to return on each page.

Valid values: 1 to 100. Default value: 10.', example='10'),
}

model ListRolesResponseBody = {
  pageNumber?: int32(name='PageNumber', description='The page number of the returned page.', example='1'),
  pageSize?: int32(name='PageSize', description='The number of entries returned per page.', example='10'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='7B8A4E7D-6CFF-471D-84DF-195A7A241ECB'),
  roles?: {
    role?: [ 
    {
      arn?: string(name='Arn', description='The Alibaba Cloud Resource Name (ARN) of the RAM role.', example='acs:ram::123456789012****:role/ECSAdmin'),
      createDate?: string(name='CreateDate', description='The time when the RAM role was created.', example='2015-01-23T12:33:18Z'),
      description?: string(name='Description', description='The description of the RAM role.', example='ECS administrator'),
      isServiceLinkedRole?: boolean(name='IsServiceLinkedRole', description='Indicates whether the RAM role is a service linked role.', example='true'),
      latestDeletionTask?: {
        createDate?: string(name='CreateDate', description='The time when the deletion task was created.', example='2018-10-23T12:33:18Z'),
        deletionTaskId?: string(name='DeletionTaskId', description='The ID of the deletion task.', example='ECSAdmin/cc61514b-26eb-4453-ab53-b142eb70****'),
      }(name='LatestDeletionTask', description='The information of the most recent deletion task.'),
      maxSessionDuration?: long(name='MaxSessionDuration', description='The maximum session duration of the RAM role.', example='3600'),
      roleId?: string(name='RoleId', description='The ID of the RAM role.', example='90123456789****'),
      roleName?: string(name='RoleName', description='The name of the RAM role.', example='ECSAdmin'),
      rolePrincipalName?: string(name='RolePrincipalName', description='The name of the RAM role after authorization.', example='ECSAdmin@role.123456.onaliyunservice.com'),
      updateDate?: string(name='UpdateDate', description='The time when the RAM role was updated.', example='2016-01-23T12:33:18Z'),
    }
  ](name='Role')
  }(name='Roles', description='The information of the RAM roles.'),
  totalCount?: int32(name='TotalCount', description='The total number of RAM roles.', example='2'),
}

model ListRolesResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListRolesResponseBody(name='body'),
}

/**
 * @summary Queries RAM roles.
 *
 * @param request ListRolesRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListRolesResponse
 */
async function listRolesWithOptions(request: ListRolesRequest, runtime: Util.RuntimeOptions): ListRolesResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.language)) {
    query['Language'] = request.language;
  }
  if (!Util.isUnset(request.pageNumber)) {
    query['PageNumber'] = request.pageNumber;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListRoles',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries RAM roles.
 *
 * @param request ListRolesRequest
 * @return ListRolesResponse
 */
async function listRoles(request: ListRolesRequest): ListRolesResponse {
  var runtime = new Util.RuntimeOptions{};
  return listRolesWithOptions(request, runtime);
}

model ListTagKeysRequest {
  keyFilter?: string(name='KeyFilter', description='The tag key for a fuzzy query.', example='team'),
  maxResults?: int32(name='MaxResults', description='The maximum number of entries to return for a single request.

Valid values: 1 to 100. Default value: 10.', example='10'),
  nextToken?: string(name='NextToken', description='The token that is used to start the next query.', example='TGlzdFJlc291cm****'),
  resourceType?: string(name='ResourceType', description='The resource type.

The value Account indicates the members of the resource directory.

This parameter is required.', example='Account'),
}

model ListTagKeysResponseBody = {
  nextToken?: string(name='NextToken', description='Indicates whether the next query is required.

*   If the value of this parameter is empty (`"NextToken": ""`), all results are returned, and the next query is not required.
*   If the value of this parameter is not empty, the next query is required, and the value is the token used to start the next query.', example='TGlzdFJlc291cm****'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='DC09A6AA-2713-4E10-A2E9-E6C5C43A8842'),
  tags?: [ 
    {
      key?: string(name='Key', description='The tag key.', example='team'),
    }
  ](name='Tags', description='The information of the tag keys.'),
}

model ListTagKeysResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListTagKeysResponseBody(name='body'),
}

/**
 * @summary 列出所有的Tag key
 *
 * @description This topic provides an example on how to call the API operation to query tag keys. The response shows that the custom tag key team exists.
 *
 * @param request ListTagKeysRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListTagKeysResponse
 */
async function listTagKeysWithOptions(request: ListTagKeysRequest, runtime: Util.RuntimeOptions): ListTagKeysResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.keyFilter)) {
    query['KeyFilter'] = request.keyFilter;
  }
  if (!Util.isUnset(request.maxResults)) {
    query['MaxResults'] = request.maxResults;
  }
  if (!Util.isUnset(request.nextToken)) {
    query['NextToken'] = request.nextToken;
  }
  if (!Util.isUnset(request.resourceType)) {
    query['ResourceType'] = request.resourceType;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListTagKeys',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary 列出所有的Tag key
 *
 * @description This topic provides an example on how to call the API operation to query tag keys. The response shows that the custom tag key team exists.
 *
 * @param request ListTagKeysRequest
 * @return ListTagKeysResponse
 */
async function listTagKeys(request: ListTagKeysRequest): ListTagKeysResponse {
  var runtime = new Util.RuntimeOptions{};
  return listTagKeysWithOptions(request, runtime);
}

model ListTagResourcesRequest {
  maxResults?: int32(name='MaxResults', description='The number of entries to return on each page.

Valid values: 1 to 100. Default value: 10.', example='10'),
  nextToken?: string(name='NextToken', description='The token that is used to start the next query.', example='caeba0bbb2be03f84eb48b699f0a****'),
  resourceId?: [ string ](name='ResourceId', description='The resource ID.'),
  resourceType?: string(name='ResourceType', description='The type of the objects whose tags you want to query. This parameter specifies a filter condition for the query. Valid values:

*   ResourceGroup: resource group. This is the default value.
*   Account: member.', example='ResourceGroup'),
  tag?: [ 
    {
      key?: string(name='Key', description='A tag key.', example='k1'),
      value?: string(name='Value', description='A tag value.', example='v1'),
    }
  ](name='Tag', description='The tag key and value.'),
}

model ListTagResourcesResponseBody = {
  nextToken?: string(name='NextToken', description='Indicates whether the next query is required.

*   If the value of this parameter is empty (`"NextToken": ""`), all results are returned, and the next query is not required.
*   If the value of this parameter is not empty, the next query is required, and the value is the token used to start the next query.', example='caeba0bbb2be03f84eb48b699f0a****'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='8054B059-6B36-53BF-AA45-B8C9A0ED05AB'),
  tagResources?: [ 
    {
      resourceId?: string(name='ResourceId', description='The ID of the resource group or member.', example='rg-aekz6bre2uq****'),
      resourceType?: string(name='ResourceType', description='The type of the object whose tags are queried. Valid values:

*   resourcegroup: resource group
*   Account: member', example='resourcegroup'),
      tagKey?: string(name='TagKey', description='The tag key.', example='k1'),
      tagValue?: string(name='TagValue', description='The tag value.', example='k1'),
    }
  ](name='TagResources', description='The tags.'),
}

model ListTagResourcesResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListTagResourcesResponseBody(name='body'),
}

/**
 * @summary Queries the tags that are added to resource groups or the members in a resource directory.
 *
 * @description This topic provides an example on how to call the API operation to query the tags that are added to the resource group with an ID of `rg-aekz6bre2uq****`. The response shows that only the `k1:v1` tag is added to the resource group.
 *
 * @param request ListTagResourcesRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListTagResourcesResponse
 */
async function listTagResourcesWithOptions(request: ListTagResourcesRequest, runtime: Util.RuntimeOptions): ListTagResourcesResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.maxResults)) {
    query['MaxResults'] = request.maxResults;
  }
  if (!Util.isUnset(request.nextToken)) {
    query['NextToken'] = request.nextToken;
  }
  if (!Util.isUnset(request.resourceId)) {
    query['ResourceId'] = request.resourceId;
  }
  if (!Util.isUnset(request.resourceType)) {
    query['ResourceType'] = request.resourceType;
  }
  if (!Util.isUnset(request.tag)) {
    query['Tag'] = request.tag;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListTagResources',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries the tags that are added to resource groups or the members in a resource directory.
 *
 * @description This topic provides an example on how to call the API operation to query the tags that are added to the resource group with an ID of `rg-aekz6bre2uq****`. The response shows that only the `k1:v1` tag is added to the resource group.
 *
 * @param request ListTagResourcesRequest
 * @return ListTagResourcesResponse
 */
async function listTagResources(request: ListTagResourcesRequest): ListTagResourcesResponse {
  var runtime = new Util.RuntimeOptions{};
  return listTagResourcesWithOptions(request, runtime);
}

model ListTagValuesRequest {
  maxResults?: int32(name='MaxResults', description='The maximum number of entries to return for a single request.

Valid values: 1 to 100. Default value: 10.', example='10'),
  nextToken?: string(name='NextToken', description='The token that is used to start the next query.', example='TGlzdFJlc291cm****'),
  resourceType?: string(name='ResourceType', description='The resource type.

The value Account indicates the members of the resource directory.

This parameter is required.', example='Account'),
  tagKey?: string(name='TagKey', description='The tag key. This parameter specifies a filter condition for the query.

This parameter is required.', example='k1'),
  valueFilter?: string(name='ValueFilter', description='The tag value for a fuzzy query.', example='v1'),
}

model ListTagValuesResponseBody = {
  nextToken?: string(name='NextToken', description='Indicates whether the next query is required.

*   If the value of this parameter is empty (`"NextToken": ""`), all results are returned, and the next query is not required.
*   If the value of this parameter is not empty, the next query is required, and the value is the token used to start the next query.', example='TGlzdFJlc291cm****'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='DC09A6AA-2713-4E10-A2E9-E6C5C43A8842'),
  tags?: [ 
    {
      value?: string(name='Value', description='The tag value.', example='v1'),
    }
  ](name='Tags', description='The information of the tag values.'),
}

model ListTagValuesResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListTagValuesResponseBody(name='body'),
}

/**
 * @summary 列出所有的Tag values
 *
 * @description This topic provides an example on how to call the API operation to query the tag values of the tag key k1. The response shows that the tag value of the tag key k1 is v1.
 *
 * @param request ListTagValuesRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListTagValuesResponse
 */
async function listTagValuesWithOptions(request: ListTagValuesRequest, runtime: Util.RuntimeOptions): ListTagValuesResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.maxResults)) {
    query['MaxResults'] = request.maxResults;
  }
  if (!Util.isUnset(request.nextToken)) {
    query['NextToken'] = request.nextToken;
  }
  if (!Util.isUnset(request.resourceType)) {
    query['ResourceType'] = request.resourceType;
  }
  if (!Util.isUnset(request.tagKey)) {
    query['TagKey'] = request.tagKey;
  }
  if (!Util.isUnset(request.valueFilter)) {
    query['ValueFilter'] = request.valueFilter;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListTagValues',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary 列出所有的Tag values
 *
 * @description This topic provides an example on how to call the API operation to query the tag values of the tag key k1. The response shows that the tag value of the tag key k1 is v1.
 *
 * @param request ListTagValuesRequest
 * @return ListTagValuesResponse
 */
async function listTagValues(request: ListTagValuesRequest): ListTagValuesResponse {
  var runtime = new Util.RuntimeOptions{};
  return listTagValuesWithOptions(request, runtime);
}

model ListTargetAttachmentsForControlPolicyRequest {
  pageNumber?: int32(name='PageNumber', description='The number of the page to return.

Pages start from page 1. Default value: 1.', example='1'),
  pageSize?: int32(name='PageSize', description='The number of entries to return on each page.

Valid values: 1 to 100. Default value: 10.', example='10'),
  policyId?: string(name='PolicyId', description='The ID of the control policy.

This parameter is required.', example='cp-jExXAqIYkwHN****'),
}

model ListTargetAttachmentsForControlPolicyResponseBody = {
  pageNumber?: int32(name='PageNumber', description='The page number of the returned page.', example='1'),
  pageSize?: int32(name='PageSize', description='The number of entries returned per page.', example='10'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='B32BD3D6-1089-41F3-8E70-E0079BC7D760'),
  targetAttachments?: {
    targetAttachment?: [ 
    {
      attachDate?: string(name='AttachDate', description='The time when the control policy was attached to the object.', example='2021-03-19T02:56:24Z'),
      targetId?: string(name='TargetId', description='The ID of the object.', example='fd-ZDNPiT****'),
      targetName?: string(name='TargetName', description='The name of the object.', example='Dev_Department'),
      targetType?: string(name='TargetType', description='The type of the object. Valid values:

*   Root: Root folder
*   Folder: child folder of the Root folder
*   Account: member account', example='Folder'),
    }
  ](name='TargetAttachment')
  }(name='TargetAttachments', description='The list of objects to which the control policy is attached.'),
  totalCount?: int32(name='TotalCount', description='The total number of objects to which the control policy is attached.', example='1'),
}

model ListTargetAttachmentsForControlPolicyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListTargetAttachmentsForControlPolicyResponseBody(name='body'),
}

/**
 * @summary Queries the objects to which a specific control policy is attached.
 *
 * @description In this example, the folders or member accounts to which the control policy `cp-jExXAqIYkwHN****` is attached are queried. The returned result shows that the control policy is attached to the folder `fd-ZDNPiT****`.
 *
 * @param request ListTargetAttachmentsForControlPolicyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListTargetAttachmentsForControlPolicyResponse
 */
async function listTargetAttachmentsForControlPolicyWithOptions(request: ListTargetAttachmentsForControlPolicyRequest, runtime: Util.RuntimeOptions): ListTargetAttachmentsForControlPolicyResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.pageNumber)) {
    query['PageNumber'] = request.pageNumber;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.policyId)) {
    query['PolicyId'] = request.policyId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListTargetAttachmentsForControlPolicy',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Queries the objects to which a specific control policy is attached.
 *
 * @description In this example, the folders or member accounts to which the control policy `cp-jExXAqIYkwHN****` is attached are queried. The returned result shows that the control policy is attached to the folder `fd-ZDNPiT****`.
 *
 * @param request ListTargetAttachmentsForControlPolicyRequest
 * @return ListTargetAttachmentsForControlPolicyResponse
 */
async function listTargetAttachmentsForControlPolicy(request: ListTargetAttachmentsForControlPolicyRequest): ListTargetAttachmentsForControlPolicyResponse {
  var runtime = new Util.RuntimeOptions{};
  return listTargetAttachmentsForControlPolicyWithOptions(request, runtime);
}

model ListTrustedServiceStatusRequest {
  adminAccountId?: string(name='AdminAccountId', description='The ID of the enterprise management account or delegated administrator account.

*   If you set this parameter to the ID of an enterprise management account, the trusted services that are enabled within the enterprise management account are queried. The default value of this parameter is the ID of an enterprise management account.
*   If you set this parameter to the ID of a delegated administrator account, the trusted services that are enabled within the delegated administrator account are queried.

For more information about trusted services and delegated administrator accounts, see [Overview of trusted services](https://help.aliyun.com/document_detail/208133.html) and [Delegated administrator accounts](https://help.aliyun.com/document_detail/208117.html).', example='177242285274****'),
  pageNumber?: int32(name='PageNumber', description='The number of the page to return.

Pages start from page 1. Default value: 1.', example='1'),
  pageSize?: int32(name='PageSize', description='The number of entries to return on each page.

Valid values: 1 to 100. Default value: 10.', example='10'),
}

model ListTrustedServiceStatusResponseBody = {
  enabledServicePrincipals?: {
    enabledServicePrincipal?: [ 
    {
      enableTime?: string(name='EnableTime', description='The time when the trusted service was enabled.', example='2019-02-18T15:32:10.473Z'),
      servicePrincipal?: string(name='ServicePrincipal', description='The identification of the trusted service.', example='config.aliyuncs.com'),
    }
  ](name='EnabledServicePrincipal')
  }(name='EnabledServicePrincipals', description='The trusted services that are enabled.'),
  pageNumber?: int32(name='PageNumber', description='The page number of the returned page.', example='1'),
  pageSize?: int32(name='PageSize', description='The number of entries returned per page.', example='10'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='CD76D376-2517-4924-92C5-DBC52262F93A'),
  totalCount?: int32(name='TotalCount', description='The total number of entries returned.', example='2'),
}

model ListTrustedServiceStatusResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ListTrustedServiceStatusResponseBody(name='body'),
}

/**
 * @description >  Only an enterprise management account or delegated administrator account can be used to call this operation.
 * In this example, the trusted services that are enabled within an enterprise management account are queried. The returned result shows that the trusted services Cloud Config and ActionTrail are enabled within the enterprise management account.
 *
 * @param request ListTrustedServiceStatusRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ListTrustedServiceStatusResponse
 */
async function listTrustedServiceStatusWithOptions(request: ListTrustedServiceStatusRequest, runtime: Util.RuntimeOptions): ListTrustedServiceStatusResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.adminAccountId)) {
    query['AdminAccountId'] = request.adminAccountId;
  }
  if (!Util.isUnset(request.pageNumber)) {
    query['PageNumber'] = request.pageNumber;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ListTrustedServiceStatus',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @description >  Only an enterprise management account or delegated administrator account can be used to call this operation.
 * In this example, the trusted services that are enabled within an enterprise management account are queried. The returned result shows that the trusted services Cloud Config and ActionTrail are enabled within the enterprise management account.
 *
 * @param request ListTrustedServiceStatusRequest
 * @return ListTrustedServiceStatusResponse
 */
async function listTrustedServiceStatus(request: ListTrustedServiceStatusRequest): ListTrustedServiceStatusResponse {
  var runtime = new Util.RuntimeOptions{};
  return listTrustedServiceStatusWithOptions(request, runtime);
}

model MoveAccountRequest {
  accountId?: string(name='AccountId', description='The ID of the account you want to move.

This parameter is required.', example='12323344****'),
  destinationFolderId?: string(name='DestinationFolderId', description='The ID of the destination folder.

This parameter is required.', example='fd-bVaRIG****'),
}

model MoveAccountResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='9B34724D-54B0-4A51-B34D-4512372FE1BE'),
}

model MoveAccountResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: MoveAccountResponseBody(name='body'),
}

/**
 * @summary 移动账号
 *
 * @param request MoveAccountRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return MoveAccountResponse
 */
async function moveAccountWithOptions(request: MoveAccountRequest, runtime: Util.RuntimeOptions): MoveAccountResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.accountId)) {
    query['AccountId'] = request.accountId;
  }
  if (!Util.isUnset(request.destinationFolderId)) {
    query['DestinationFolderId'] = request.destinationFolderId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'MoveAccount',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary 移动账号
 *
 * @param request MoveAccountRequest
 * @return MoveAccountResponse
 */
async function moveAccount(request: MoveAccountRequest): MoveAccountResponse {
  var runtime = new Util.RuntimeOptions{};
  return moveAccountWithOptions(request, runtime);
}

model MoveResourcesRequest {
  resourceGroupId?: string(name='ResourceGroupId', description='The ID of the resource group to which you want to move the resources.

This parameter is required.', example='rg-aekzmeobk5w****'),
  resources?: [ 
    {
      regionId?: string(name='RegionId', description='The region ID of the resource.', example='cn-hangzhou'),
      resourceId?: string(name='ResourceId', description='The ID of the resource.', example='vpc-bp1sig0mjktx5ewx1****'),
      resourceType?: string(name='ResourceType', description='The type of the resource.', example='vpc'),
      service?: string(name='Service', description='The ID of the Alibaba Cloud service to which the resource belongs.', example='vpc'),
    }
  ](name='Resources', description='The resources that you want to move.

>  You can move a maximum of 10 resources at a time. If you want to move more than 10 resources, move them in batches.

This parameter is required.'),
}

model MoveResourcesResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='C00B89D3-3247-11DE-95D8-A7C01FB0AB4F'),
  responses?: [ 
    {
      errorCode?: string(name='ErrorCode', description='The error code returned.

>  This parameter is returned if the resource failed to be moved.', example='NoPermission'),
      errorMsg?: string(name='ErrorMsg', description='The error message returned.

>  This parameter is returned if the resource failed to be moved.', example='No permissions'),
      regionId?: string(name='RegionId', description='The region ID of the resource.', example='cn-hangzhou'),
      requestId?: string(name='RequestId', description='The ID of the request.', example='C00B89D3-3247-11DE-95D8-A7C01FB0AB4F'),
      resourceId?: string(name='ResourceId', description='The ID of the resource.', example='vpc-bp1sig0mjktx5ewx1****'),
      resourceType?: string(name='ResourceType', description='The type of the resource.', example='vpc'),
      service?: string(name='Service', description='The ID of the Alibaba Cloud service.', example='vpc'),
      status?: string(name='Status', description='The status of the move task. Valid values:

*   SUCCESS
*   FAIL', example='FAIL'),
    }
  ](name='Responses', description='The returned results.'),
}

model MoveResourcesResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: MoveResourcesResponseBody(name='body'),
}

/**
 * @summary Moves resources from one resource group to another. You can move multiple resources that reside in different regions, are used by different Alibaba Cloud services, or belong to different resource groups.
 *
 * @description For more information about Alibaba Cloud services whose resources can be moved between resource groups, see the **Supported by the API** column in [Alibaba Cloud services that support resource groups](https://help.aliyun.com/document_detail/94479.html).
 * In this example, two virtual private clouds (VPCs) `vpc-bp1sig0mjktx5ewx1****` and `vpc-bp1visxm225pv49dz****` that reside in different regions and belong to different resource groups are moved to the resource group `rg-aekzmeobk5w****`.
 *
 * @param request MoveResourcesRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return MoveResourcesResponse
 */
async function moveResourcesWithOptions(request: MoveResourcesRequest, runtime: Util.RuntimeOptions): MoveResourcesResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.resourceGroupId)) {
    query['ResourceGroupId'] = request.resourceGroupId;
  }
  if (!Util.isUnset(request.resources)) {
    query['Resources'] = request.resources;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'MoveResources',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Moves resources from one resource group to another. You can move multiple resources that reside in different regions, are used by different Alibaba Cloud services, or belong to different resource groups.
 *
 * @description For more information about Alibaba Cloud services whose resources can be moved between resource groups, see the **Supported by the API** column in [Alibaba Cloud services that support resource groups](https://help.aliyun.com/document_detail/94479.html).
 * In this example, two virtual private clouds (VPCs) `vpc-bp1sig0mjktx5ewx1****` and `vpc-bp1visxm225pv49dz****` that reside in different regions and belong to different resource groups are moved to the resource group `rg-aekzmeobk5w****`.
 *
 * @param request MoveResourcesRequest
 * @return MoveResourcesResponse
 */
async function moveResources(request: MoveResourcesRequest): MoveResourcesResponse {
  var runtime = new Util.RuntimeOptions{};
  return moveResourcesWithOptions(request, runtime);
}

model PromoteResourceAccountRequest {
  accountId?: string(name='AccountId', description='The ID of the resource account you want to upgrade.

This parameter is required.', example='12323344****'),
  email?: string(name='Email', description='The email address used to log on to the cloud account after the upgrade.

This parameter is required.', example='someone@example.com'),
}

model PromoteResourceAccountResponseBody = {
  account?: {
    accountId?: string(name='AccountId', description='The ID of the member account.', example='12323344****'),
    accountName?: string(name='AccountName', description='The name of the member account.', example='someone@example.com'),
    displayName?: string(name='DisplayName', description='The display name of the member account.', example='admin'),
    folderId?: string(name='FolderId', description='The ID of the folder.', example='fd-bVaRIG****'),
    joinMethod?: string(name='JoinMethod', description='The way in which the member account joined the resource directory. Valid values:

*   invited: The member account is invited to join the resource directory.
*   created: The member account is directly created in the resource directory.', example='created'),
    joinTime?: string(name='JoinTime', description='The time when the member account joined the resource directory.', example='2015-01-23T12:33:18Z'),
    modifyTime?: string(name='ModifyTime', description='The time when the member account was modified.', example='2015-01-23T12:33:18Z'),
    recordId?: string(name='RecordId', description='The account record ID.', example='06950264-3f0d-4ca9-82dd-6ee7a3d33d6b'),
    resourceDirectoryId?: string(name='ResourceDirectoryId', description='The ID of the resource directory.', example='rd-k3****'),
    status?: string(name='Status', description='The status of the member account. Valid values:

*   CreateSuccess: The member account is created.
*   CreateVerifying: The creation of the member account is under confirmation.
*   CreateFailed: The member account failed to be created.
*   CreateExpired: The creation of the member account expired.
*   CreateCancelled: The creation of the member account is canceled.
*   PromoteVerifying: The upgrade of the member account is under confirmation.
*   PromoteFailed: The member account failed to be upgraded.
*   PromoteExpired: The upgrade of the member account expired.
*   PromoteCancelled: The upgrade of the member account is canceled.
*   PromoteSuccess: The member account is upgraded.
*   InviteSuccess: The owner of the member account accepted the invitation.
*   Removed: The member account is removed from the resource directory.', example='PromoteVerifying'),
    type?: string(name='Type', description='The type of the member account. Valid values:

*   CloudAccount
*   ResourceAccount', example='ResourceAccount'),
  }(name='Account', description='The information of the member account.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='9B34724D-54B0-4A51-B34D-4512372FE1BE'),
}

model PromoteResourceAccountResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: PromoteResourceAccountResponseBody(name='body'),
}

/**
 * @summary 升级资源账号
 *
 * @param request PromoteResourceAccountRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return PromoteResourceAccountResponse
 */
async function promoteResourceAccountWithOptions(request: PromoteResourceAccountRequest, runtime: Util.RuntimeOptions): PromoteResourceAccountResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.accountId)) {
    query['AccountId'] = request.accountId;
  }
  if (!Util.isUnset(request.email)) {
    query['Email'] = request.email;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'PromoteResourceAccount',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary 升级资源账号
 *
 * @param request PromoteResourceAccountRequest
 * @return PromoteResourceAccountResponse
 */
async function promoteResourceAccount(request: PromoteResourceAccountRequest): PromoteResourceAccountResponse {
  var runtime = new Util.RuntimeOptions{};
  return promoteResourceAccountWithOptions(request, runtime);
}

model RegisterDelegatedAdministratorRequest {
  accountId?: string(name='AccountId', description='The ID of the member in the resource directory.

This parameter is required.', example='181761095690****'),
  servicePrincipal?: string(name='ServicePrincipal', description='The identifier of the trusted service.

For more information, see the `Trusted service identifier` column in [Supported trusted services](https://help.aliyun.com/document_detail/208133.html).

This parameter is required.', example='cloudfw.aliyuncs.com'),
}

model RegisterDelegatedAdministratorResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='0A45FC8F-54D2-4A65-8338-25E5DEBDA304'),
}

model RegisterDelegatedAdministratorResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: RegisterDelegatedAdministratorResponseBody(name='body'),
}

/**
 * @description The delegated administrator account can be used to access the information of the resource directory and view the structure and members of the resource directory. The delegated administrator account can also be used to perform service-related management operations in the trusted service on behalf of the management account of the resource directory.
 * When you call this operation, you must take note of the following limits:
 * *   Only some trusted services support delegated administrator accounts. For more information, see [Supported trusted services](https://help.aliyun.com/document_detail/208133.html).
 * *   Only the management account of a resource directory or an authorized RAM user or RAM role of the management account can be used to call this operation.
 * *   The number of delegated administrator accounts that are allowed for a trusted service is defined by the trusted service.
 * This topic provides an example on how to call the API operation to specify the member `181761095690****` as a delegated administrator account of Cloud Firewall.
 *
 * @param request RegisterDelegatedAdministratorRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return RegisterDelegatedAdministratorResponse
 */
async function registerDelegatedAdministratorWithOptions(request: RegisterDelegatedAdministratorRequest, runtime: Util.RuntimeOptions): RegisterDelegatedAdministratorResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.accountId)) {
    query['AccountId'] = request.accountId;
  }
  if (!Util.isUnset(request.servicePrincipal)) {
    query['ServicePrincipal'] = request.servicePrincipal;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'RegisterDelegatedAdministrator',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @description The delegated administrator account can be used to access the information of the resource directory and view the structure and members of the resource directory. The delegated administrator account can also be used to perform service-related management operations in the trusted service on behalf of the management account of the resource directory.
 * When you call this operation, you must take note of the following limits:
 * *   Only some trusted services support delegated administrator accounts. For more information, see [Supported trusted services](https://help.aliyun.com/document_detail/208133.html).
 * *   Only the management account of a resource directory or an authorized RAM user or RAM role of the management account can be used to call this operation.
 * *   The number of delegated administrator accounts that are allowed for a trusted service is defined by the trusted service.
 * This topic provides an example on how to call the API operation to specify the member `181761095690****` as a delegated administrator account of Cloud Firewall.
 *
 * @param request RegisterDelegatedAdministratorRequest
 * @return RegisterDelegatedAdministratorResponse
 */
async function registerDelegatedAdministrator(request: RegisterDelegatedAdministratorRequest): RegisterDelegatedAdministratorResponse {
  var runtime = new Util.RuntimeOptions{};
  return registerDelegatedAdministratorWithOptions(request, runtime);
}

model RemoveCloudAccountRequest {
  accountId?: string(name='AccountId', description='The ID of the member.

This parameter is required.', example='177242285274****'),
}

model RemoveCloudAccountResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='9B34724D-54B0-4A51-B34D-4512372FE1BE'),
}

model RemoveCloudAccountResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: RemoveCloudAccountResponseBody(name='body'),
}

/**
 * @description This topic provides an example on how to call the API operation to remove the member `177242285274****` from a resource directory.
 *
 * @param request RemoveCloudAccountRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return RemoveCloudAccountResponse
 */
async function removeCloudAccountWithOptions(request: RemoveCloudAccountRequest, runtime: Util.RuntimeOptions): RemoveCloudAccountResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.accountId)) {
    query['AccountId'] = request.accountId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'RemoveCloudAccount',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @description This topic provides an example on how to call the API operation to remove the member `177242285274****` from a resource directory.
 *
 * @param request RemoveCloudAccountRequest
 * @return RemoveCloudAccountResponse
 */
async function removeCloudAccount(request: RemoveCloudAccountRequest): RemoveCloudAccountResponse {
  var runtime = new Util.RuntimeOptions{};
  return removeCloudAccountWithOptions(request, runtime);
}

model ResendCreateCloudAccountEmailRequest {
  recordId?: string(name='RecordId', description='The account record ID.

This parameter is required.', example='06950264-3f0d-4ca9-82dd-6ee7a3d33d6b'),
}

model ResendCreateCloudAccountEmailResponseBody = {
  account?: {
    accountId?: string(name='AccountId', description='The ID of the account.', example='12323344****'),
    accountName?: string(name='AccountName', description='The name of the account.', example='someone@example.com'),
    displayName?: string(name='DisplayName', description='The display name of the member account.', example='admin'),
    folderId?: string(name='FolderId', description='The ID of the folder.', example='fd-bVaRIG****'),
    joinMethod?: string(name='JoinMethod', description='The way in which the member account joined the resource directory. Valid values:

*   invited: The member account is invited to join the resource directory.
*   created: The member account is directly created in the resource directory.', example='created'),
    joinTime?: string(name='JoinTime', description='The time when the member account joined the resource directory.', example='2015-01-23T12:33:18Z'),
    modifyTime?: string(name='ModifyTime', description='The time when the member account was modified.', example='2015-01-23T12:33:18Z'),
    recordId?: string(name='RecordId', description='The account record ID.', example='16950264-3f0d-4ca9-82dd-6ee7a3d33d6b'),
    resourceDirectoryId?: string(name='ResourceDirectoryId', description='The ID of the resource directory.', example='rd-k3****'),
    status?: string(name='Status', description='The status of the member account. Valid values:

*   CreateSuccess: The member account is created.
*   CreateVerifying: The creation of the member account is under confirmation.
*   CreateFailed: The member account failed to be created.
*   CreateExpired: The creation of the member account expired.
*   CreateCancelled: The creation of the member account is canceled.
*   PromoteVerifying: The upgrade of the member account is under confirmation.
*   PromoteFailed: The member account failed to be upgraded.
*   PromoteExpired: The upgrade of the member account expired.
*   PromoteCancelled: The upgrade of the member account is canceled.
*   PromoteSuccess: The member account is upgraded.
*   InviteSuccess: The owner of the member account accepted the invitation.
*   Removed: The member account is removed from the resource directory.', example='CreateVerifying'),
    type?: string(name='Type', description='The type of the member account. The value CloudAccount indicates that the member account is a cloud account.', example='CloudAccount'),
  }(name='Account', description='The information of the member account.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='9B34724D-54B0-4A51-B34D-4512372FE1BE'),
}

model ResendCreateCloudAccountEmailResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ResendCreateCloudAccountEmailResponseBody(name='body'),
}

/**
 * @summary 重新发送创建云账号的邮箱验证
 *
 * @param request ResendCreateCloudAccountEmailRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ResendCreateCloudAccountEmailResponse
 */
async function resendCreateCloudAccountEmailWithOptions(request: ResendCreateCloudAccountEmailRequest, runtime: Util.RuntimeOptions): ResendCreateCloudAccountEmailResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.recordId)) {
    query['RecordId'] = request.recordId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ResendCreateCloudAccountEmail',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary 重新发送创建云账号的邮箱验证
 *
 * @param request ResendCreateCloudAccountEmailRequest
 * @return ResendCreateCloudAccountEmailResponse
 */
async function resendCreateCloudAccountEmail(request: ResendCreateCloudAccountEmailRequest): ResendCreateCloudAccountEmailResponse {
  var runtime = new Util.RuntimeOptions{};
  return resendCreateCloudAccountEmailWithOptions(request, runtime);
}

model ResendPromoteResourceAccountEmailRequest {
  recordId?: string(name='RecordId', description='The account record ID.

This parameter is required.', example='06950264-3f0d-4ca9-82dd-6ee7a3d33d6b'),
}

model ResendPromoteResourceAccountEmailResponseBody = {
  account?: {
    accountId?: string(name='AccountId', description='The ID of the account.', example='12323344****'),
    accountName?: string(name='AccountName', description='The name of the account.', example='someone@example.com'),
    displayName?: string(name='DisplayName', description='The display name of the member account.', example='admin'),
    folderId?: string(name='FolderId', description='The ID of the folder.', example='fd-bVaRIG****'),
    joinMethod?: string(name='JoinMethod', description='The way in which the member account joined the resource directory. Valid values:

*   invited: The member account is invited to join the resource directory.
*   created: The member account is directly created in the resource directory.', example='created'),
    joinTime?: string(name='JoinTime', description='The time when the member account joined the resource directory.', example='2015-01-23T12:33:18Z'),
    modifyTime?: string(name='ModifyTime', description='The time when the member account was modified.', example='2015-01-23T12:33:18Z'),
    recordId?: string(name='RecordId', description='The account record ID.', example='16950264-3f0d-4ca9-82dd-6ee7a3d33d6b'),
    resourceDirectoryId?: string(name='ResourceDirectoryId', description='The ID of the resource directory.', example='rd-k3****'),
    status?: string(name='Status', description='The status of the member account. Valid values:

*   CreateSuccess: The member account is created.
*   CreateVerifying: The creation of the member account is under confirmation.
*   CreateFailed: The member account failed to be created.
*   CreateExpired: The creation of the member account expired.
*   CreateCancelled: The creation of the member account is canceled.
*   PromoteVerifying: The upgrade of the member account is under confirmation.
*   PromoteFailed: The member account failed to be upgraded.
*   PromoteExpired: The upgrade of the member account expired.
*   PromoteCancelled: The upgrade of the member account is canceled.
*   PromoteSuccess: The member account is upgraded.
*   InviteSuccess: The owner of the member account accepted the invitation.
*   Removed: The member account is removed from the resource directory.', example='PromoteVerifying'),
    type?: string(name='Type', description='The type of the member account. Valid values:

*   CloudAccount: cloud account
*   ResourceAccount: resource account', example='ResourceAccount'),
  }(name='Account', description='The information of the member account.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='9B34724D-54B0-4A51-B34D-4512372FE1BE'),
}

model ResendPromoteResourceAccountEmailResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ResendPromoteResourceAccountEmailResponseBody(name='body'),
}

/**
 * @summary 重新发送升级资源账号的邮箱验证
 *
 * @param request ResendPromoteResourceAccountEmailRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ResendPromoteResourceAccountEmailResponse
 */
async function resendPromoteResourceAccountEmailWithOptions(request: ResendPromoteResourceAccountEmailRequest, runtime: Util.RuntimeOptions): ResendPromoteResourceAccountEmailResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.recordId)) {
    query['RecordId'] = request.recordId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ResendPromoteResourceAccountEmail',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary 重新发送升级资源账号的邮箱验证
 *
 * @param request ResendPromoteResourceAccountEmailRequest
 * @return ResendPromoteResourceAccountEmailResponse
 */
async function resendPromoteResourceAccountEmail(request: ResendPromoteResourceAccountEmailRequest): ResendPromoteResourceAccountEmailResponse {
  var runtime = new Util.RuntimeOptions{};
  return resendPromoteResourceAccountEmailWithOptions(request, runtime);
}

model RetryChangeAccountEmailRequest {
  accountId?: string(name='AccountId', description='The Alibaba Cloud account ID of the member.

This parameter is required.', example='181761095690****'),
}

model RetryChangeAccountEmailResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='9B34724D-54B0-4A51-B34D-4512372FE1BE'),
}

model RetryChangeAccountEmailResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: RetryChangeAccountEmailResponseBody(name='body'),
}

/**
 * @summary 重新发送确认邮件
 *
 * @param request RetryChangeAccountEmailRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return RetryChangeAccountEmailResponse
 */
async function retryChangeAccountEmailWithOptions(request: RetryChangeAccountEmailRequest, runtime: Util.RuntimeOptions): RetryChangeAccountEmailResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.accountId)) {
    query['AccountId'] = request.accountId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'RetryChangeAccountEmail',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary 重新发送确认邮件
 *
 * @param request RetryChangeAccountEmailRequest
 * @return RetryChangeAccountEmailResponse
 */
async function retryChangeAccountEmail(request: RetryChangeAccountEmailRequest): RetryChangeAccountEmailResponse {
  var runtime = new Util.RuntimeOptions{};
  return retryChangeAccountEmailWithOptions(request, runtime);
}

model SendVerificationCodeForBindSecureMobilePhoneRequest {
  accountId?: string(name='AccountId', description='The ID of the resource account.

This parameter is required.', example='138660628348****'),
  secureMobilePhone?: string(name='SecureMobilePhone', description='The mobile phone number that you want to bind to the resource account.

Specify the mobile phone number in the \\\\<Country code>-\\\\<Mobile phone number> format.

>  Mobile phone numbers in the `86-<Mobile phone number>` format in the Chinese mainland are not supported.

This parameter is required.', example='xx-13900001234'),
}

model SendVerificationCodeForBindSecureMobilePhoneResponseBody = {
  expirationDate?: string(name='ExpirationDate', description='The time when the verification code expires.', example='2021-12-17T07:38:41.747Z'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='DCD43660-75DD-5D15-B342-1B83FCA5B913'),
}

model SendVerificationCodeForBindSecureMobilePhoneResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: SendVerificationCodeForBindSecureMobilePhoneResponseBody(name='body'),
}

/**
 * @summary 发送绑定安全手机验证码
 *
 * @description To ensure that the system can record the operators of management operations, you must use a RAM user or RAM role to which the AliyunResourceDirectoryFullAccess policy is attached within the management account of your resource directory to call this operation.
 * In this example, a verification code is sent to the mobile phone number that you want to bind to the resource account `138660628348****`.
 *
 * @param request SendVerificationCodeForBindSecureMobilePhoneRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return SendVerificationCodeForBindSecureMobilePhoneResponse
 */
async function sendVerificationCodeForBindSecureMobilePhoneWithOptions(request: SendVerificationCodeForBindSecureMobilePhoneRequest, runtime: Util.RuntimeOptions): SendVerificationCodeForBindSecureMobilePhoneResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.accountId)) {
    query['AccountId'] = request.accountId;
  }
  if (!Util.isUnset(request.secureMobilePhone)) {
    query['SecureMobilePhone'] = request.secureMobilePhone;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'SendVerificationCodeForBindSecureMobilePhone',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary 发送绑定安全手机验证码
 *
 * @description To ensure that the system can record the operators of management operations, you must use a RAM user or RAM role to which the AliyunResourceDirectoryFullAccess policy is attached within the management account of your resource directory to call this operation.
 * In this example, a verification code is sent to the mobile phone number that you want to bind to the resource account `138660628348****`.
 *
 * @param request SendVerificationCodeForBindSecureMobilePhoneRequest
 * @return SendVerificationCodeForBindSecureMobilePhoneResponse
 */
async function sendVerificationCodeForBindSecureMobilePhone(request: SendVerificationCodeForBindSecureMobilePhoneRequest): SendVerificationCodeForBindSecureMobilePhoneResponse {
  var runtime = new Util.RuntimeOptions{};
  return sendVerificationCodeForBindSecureMobilePhoneWithOptions(request, runtime);
}

model SendVerificationCodeForEnableRDRequest {
  secureMobilePhone?: string(name='SecureMobilePhone', description='The mobile phone number that is bound to the newly created account. If you leave this parameter empty, the mobile phone number that is bound to the current account is used.

Specify the mobile phone number in the `<Country code>-<Mobile phone number>` format.

>  Mobile phone numbers in the `86-<Mobile phone number>` format in the Chinese mainland are not supported.', example='xx-13900001234'),
}

model SendVerificationCodeForEnableRDResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='EC2FE94D-A4A2-51A1-A493-5C273A36C46A'),
}

model SendVerificationCodeForEnableRDResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: SendVerificationCodeForEnableRDResponseBody(name='body'),
}

/**
 * @summary 发送开启资源目录短信
 *
 * @description Each Alibaba Cloud account can be used to send a maximum of 100 verification codes per day.
 *
 * @param request SendVerificationCodeForEnableRDRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return SendVerificationCodeForEnableRDResponse
 */
async function sendVerificationCodeForEnableRDWithOptions(request: SendVerificationCodeForEnableRDRequest, runtime: Util.RuntimeOptions): SendVerificationCodeForEnableRDResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.secureMobilePhone)) {
    query['SecureMobilePhone'] = request.secureMobilePhone;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'SendVerificationCodeForEnableRD',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary 发送开启资源目录短信
 *
 * @description Each Alibaba Cloud account can be used to send a maximum of 100 verification codes per day.
 *
 * @param request SendVerificationCodeForEnableRDRequest
 * @return SendVerificationCodeForEnableRDResponse
 */
async function sendVerificationCodeForEnableRD(request: SendVerificationCodeForEnableRDRequest): SendVerificationCodeForEnableRDResponse {
  var runtime = new Util.RuntimeOptions{};
  return sendVerificationCodeForEnableRDWithOptions(request, runtime);
}

model SetDefaultPolicyVersionRequest {
  policyName?: string(name='PolicyName', description='The name of the policy.

The name must be 1 to 128 characters in length and can contain letters, digits, and hyphens (-).

This parameter is required.', example='OSS-Administrator'),
  versionId?: string(name='VersionId', description='The ID of the policy version.

This parameter is required.', example='v2'),
}

model SetDefaultPolicyVersionResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='9B34724D-54B0-4A51-B34D-4512372FE1BE'),
}

model SetDefaultPolicyVersionResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: SetDefaultPolicyVersionResponseBody(name='body'),
}

/**
 * @summary 设置权限策略默认版本
 *
 * @param request SetDefaultPolicyVersionRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return SetDefaultPolicyVersionResponse
 */
async function setDefaultPolicyVersionWithOptions(request: SetDefaultPolicyVersionRequest, runtime: Util.RuntimeOptions): SetDefaultPolicyVersionResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.policyName)) {
    query['PolicyName'] = request.policyName;
  }
  if (!Util.isUnset(request.versionId)) {
    query['VersionId'] = request.versionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'SetDefaultPolicyVersion',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary 设置权限策略默认版本
 *
 * @param request SetDefaultPolicyVersionRequest
 * @return SetDefaultPolicyVersionResponse
 */
async function setDefaultPolicyVersion(request: SetDefaultPolicyVersionRequest): SetDefaultPolicyVersionResponse {
  var runtime = new Util.RuntimeOptions{};
  return setDefaultPolicyVersionWithOptions(request, runtime);
}

model SetMemberDeletionPermissionRequest {
  status?: string(name='Status', description='Specifies whether to enable the member deletion feature. Valid values:

*   Enabled: enables the member deletion feature
*   Disabled: disables the member deletion feature

This parameter is required.', example='Enabled'),
}

model SetMemberDeletionPermissionResponseBody = {
  managementAccountId?: string(name='ManagementAccountId', description='The ID of the management account of the resource directory.', example='151266687691****'),
  memberDeletionStatus?: string(name='MemberDeletionStatus', description='The status of the member deletion feature. Valid values:

*   Enabled: The feature is enabled.
*   Disabled: The feature is disabled.', example='Enabled'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='C55A4CAA-9039-1DDF-91CE-FCC134513D29'),
  resourceDirectoryId?: string(name='ResourceDirectoryId', description='The ID of the resource directory.', example='rd-3G****'),
}

model SetMemberDeletionPermissionResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: SetMemberDeletionPermissionResponseBody(name='body'),
}

/**
 * @summary 开启或关闭成员删除许可
 *
 * @description Members of the resource account type can be deleted only after the member deletion feature is enabled.
 *
 * @param request SetMemberDeletionPermissionRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return SetMemberDeletionPermissionResponse
 */
async function setMemberDeletionPermissionWithOptions(request: SetMemberDeletionPermissionRequest, runtime: Util.RuntimeOptions): SetMemberDeletionPermissionResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.status)) {
    query['Status'] = request.status;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'SetMemberDeletionPermission',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary 开启或关闭成员删除许可
 *
 * @description Members of the resource account type can be deleted only after the member deletion feature is enabled.
 *
 * @param request SetMemberDeletionPermissionRequest
 * @return SetMemberDeletionPermissionResponse
 */
async function setMemberDeletionPermission(request: SetMemberDeletionPermissionRequest): SetMemberDeletionPermissionResponse {
  var runtime = new Util.RuntimeOptions{};
  return setMemberDeletionPermissionWithOptions(request, runtime);
}

model TagResourcesRequest {
  resourceId?: [ string ](name='ResourceId', description='The ID of a resource group or member.

This parameter is required.'),
  resourceType?: string(name='ResourceType', description='The type of the objects to which you want to add tags. Valid values:

*   ResourceGroup : resource group. This is the default value.
*   Account: member.

>  This parameter is required if you add tags to members in a resource directory.', example='ResourceGroup'),
  tag?: [ 
    {
      key?: string(name='Key', description='A tag key.

A tag key can be a maximum of 128 characters in length. It cannot contain `http://` or `https://` and cannot start with `acs:` or `aliyun`.', example='k1'),
      value?: string(name='Value', description='A tag value.

A tag value can be a maximum of 128 characters in length. It cannot contain `http://` or `https://` and cannot start with `acs:`.', example='v1'),
    }
  ](name='Tag', description='The tags.

This parameter is required.'),
}

model TagResourcesResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='E7747EDF-EDDC-5B38-9B6A-6392B9C92B1C'),
}

model TagResourcesResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: TagResourcesResponseBody(name='body'),
}

/**
 * @summary Adds tags to resource groups or the members in a resource directory.
 *
 * @description This topic provides an example on how to call the API operation to add the tag `k1:v1` to the resource group with an ID of `rg-aekz6bre2uq****`.
 *
 * @param request TagResourcesRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return TagResourcesResponse
 */
async function tagResourcesWithOptions(request: TagResourcesRequest, runtime: Util.RuntimeOptions): TagResourcesResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.resourceId)) {
    query['ResourceId'] = request.resourceId;
  }
  if (!Util.isUnset(request.resourceType)) {
    query['ResourceType'] = request.resourceType;
  }
  if (!Util.isUnset(request.tag)) {
    query['Tag'] = request.tag;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'TagResources',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Adds tags to resource groups or the members in a resource directory.
 *
 * @description This topic provides an example on how to call the API operation to add the tag `k1:v1` to the resource group with an ID of `rg-aekz6bre2uq****`.
 *
 * @param request TagResourcesRequest
 * @return TagResourcesResponse
 */
async function tagResources(request: TagResourcesRequest): TagResourcesResponse {
  var runtime = new Util.RuntimeOptions{};
  return tagResourcesWithOptions(request, runtime);
}

model UntagResourcesRequest {
  all?: boolean(name='All', description='Specifies whether to remove all tags from the specified resource groups or members. Valid values:

*   false (default value)
*   true', example='false'),
  resourceId?: [ string ](name='ResourceId', description='The ID of a resource group or member.

You can specify a maximum of 50 IDs.

This parameter is required.'),
  resourceType?: string(name='ResourceType', description='The type of the objects from which you want to remove tags. Valid values:

*   ResourceGroup: resource group. This is the default value.
*   Account: member.

>  This parameter is required if you remove tags from members in a resource directory.', example='ResourceGroup'),
  tagKey?: [ string ](name='TagKey', description='A tag key.

You can specify a maximum of 20 tag keys.

>  If you set the `All` parameter to `true`, you do not need to configure this parameter.'),
}

model UntagResourcesResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='E7747EDF-EDDC-5B38-9B6A-6392B9C92B1C'),
}

model UntagResourcesResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: UntagResourcesResponseBody(name='body'),
}

/**
 * @summary Removes tags from resource groups or the members in a resource directory.
 *
 * @description This topic provides an example on how to call the API operation to remove the tag whose tag key is `k1` from the resource group whose ID is `rg-aek2dpwyrfr****`.
 *
 * @param request UntagResourcesRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return UntagResourcesResponse
 */
async function untagResourcesWithOptions(request: UntagResourcesRequest, runtime: Util.RuntimeOptions): UntagResourcesResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.all)) {
    query['All'] = request.all;
  }
  if (!Util.isUnset(request.resourceId)) {
    query['ResourceId'] = request.resourceId;
  }
  if (!Util.isUnset(request.resourceType)) {
    query['ResourceType'] = request.resourceType;
  }
  if (!Util.isUnset(request.tagKey)) {
    query['TagKey'] = request.tagKey;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'UntagResources',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Removes tags from resource groups or the members in a resource directory.
 *
 * @description This topic provides an example on how to call the API operation to remove the tag whose tag key is `k1` from the resource group whose ID is `rg-aek2dpwyrfr****`.
 *
 * @param request UntagResourcesRequest
 * @return UntagResourcesResponse
 */
async function untagResources(request: UntagResourcesRequest): UntagResourcesResponse {
  var runtime = new Util.RuntimeOptions{};
  return untagResourcesWithOptions(request, runtime);
}

model UpdateAccountRequest {
  accountId?: string(name='AccountId', description='The ID of the Alibaba Cloud account that corresponds to the member.

This parameter is required.', example='12323344****'),
  newAccountType?: string(name='NewAccountType', description='The new type of the member. Valid values:

*   ResourceAccount: resource account
*   CloudAccount: cloud account

>  You can configure either the `NewDisplayName` or `NewAccountType` parameter.', example='ResourceAccount'),
  newDisplayName?: string(name='NewDisplayName', description='The new display name of the member.

>  You can configure either the `NewDisplayName` or `NewAccountType` parameter.', example='admin'),
}

model UpdateAccountResponseBody = {
  account?: {
    accountId?: string(name='AccountId', description='The ID of the Alibaba Cloud account that corresponds to the member.', example='12323344****'),
    accountName?: string(name='AccountName', description='The name of the Alibaba Cloud account that corresponds to the member.', example='ecs-manager@aliyun.com'),
    displayName?: string(name='DisplayName', description='The display name of the member.', example='admin'),
    folderId?: string(name='FolderId', description='The ID of the folder.', example='fd-bVaRIG****'),
    joinMethod?: string(name='JoinMethod', description='The way in which the member joins the resource directory. Valid values:

*   invited: The member is invited to join the resource directory.
*   created: The member is directly created in the resource directory.', example='created'),
    joinTime?: string(name='JoinTime', description='The time when the member joined the resource directory. The time is displayed in UTC.', example='2015-01-23T12:33:18Z'),
    modifyTime?: string(name='ModifyTime', description='The time when the member was modified. The time is displayed in UTC.', example='2015-01-23T12:33:18Z'),
    resourceDirectoryId?: string(name='ResourceDirectoryId', description='The ID of the resource directory.', example='rd-k3****'),
    status?: string(name='Status', description='The status of the member. Valid values:

*   CreateSuccess: The member is created.
*   InviteSuccess: The member accepts the invitation.
*   Removed: The member is removed.
*   SwitchSuccess: The type of the member is switched.', example='CreateSuccess'),
    type?: string(name='Type', description='The type of the member. Valid values:

*   CloudAccount: cloud account
*   ResourceAccount: resource account', example='ResourceAccount'),
  }(name='Account', description='The information of the member.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='9B34724D-54B0-4A51-B34D-4512372FE1BE'),
}

model UpdateAccountResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: UpdateAccountResponseBody(name='body'),
}

/**
 * @description *   To ensure that the system can record the operators of management operations, you must use a RAM user or RAM role to which the AliyunResourceDirectoryFullAccess policy is attached within the management account of your resource directory to call this operation.
 * *   Before you switch the type of a member from resource account to cloud account, make sure that specific conditions are met. For more information about the conditions, see [Switch a resource account to a cloud account](https://help.aliyun.com/document_detail/111233.html).
 * *   Before you switch the type of a member from cloud account to resource account, make sure that specific conditions are met. For more information about the conditions, see [Switch a cloud account to a resource account](https://help.aliyun.com/document_detail/209980.html).
 * This example provides an example on how to call the API operation to change the display name of the member `12323344****` to `admin`.
 *
 * @param request UpdateAccountRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return UpdateAccountResponse
 */
async function updateAccountWithOptions(request: UpdateAccountRequest, runtime: Util.RuntimeOptions): UpdateAccountResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.accountId)) {
    query['AccountId'] = request.accountId;
  }
  if (!Util.isUnset(request.newAccountType)) {
    query['NewAccountType'] = request.newAccountType;
  }
  if (!Util.isUnset(request.newDisplayName)) {
    query['NewDisplayName'] = request.newDisplayName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'UpdateAccount',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @description *   To ensure that the system can record the operators of management operations, you must use a RAM user or RAM role to which the AliyunResourceDirectoryFullAccess policy is attached within the management account of your resource directory to call this operation.
 * *   Before you switch the type of a member from resource account to cloud account, make sure that specific conditions are met. For more information about the conditions, see [Switch a resource account to a cloud account](https://help.aliyun.com/document_detail/111233.html).
 * *   Before you switch the type of a member from cloud account to resource account, make sure that specific conditions are met. For more information about the conditions, see [Switch a cloud account to a resource account](https://help.aliyun.com/document_detail/209980.html).
 * This example provides an example on how to call the API operation to change the display name of the member `12323344****` to `admin`.
 *
 * @param request UpdateAccountRequest
 * @return UpdateAccountResponse
 */
async function updateAccount(request: UpdateAccountRequest): UpdateAccountResponse {
  var runtime = new Util.RuntimeOptions{};
  return updateAccountWithOptions(request, runtime);
}

model UpdateAssociatedTransferSettingRequest {
  enableExistingResourcesTransfer?: string(name='EnableExistingResourcesTransfer', description='Specifies whether to enable the Transfer Existing Associated Resources feature. Valid values:

*   false
*   true', example='false'),
  ruleSettings?: [ 
    {
      associatedResourceType?: string(name='AssociatedResourceType', description='The type of the associated resource.

You can obtain the resource type from the **Resource type** column in [Services that work with Resource Group](https://help.aliyun.com/document_detail/94479.html).', example='disk'),
      associatedService?: string(name='AssociatedService', description='The service code of the associated resource.

You can obtain the service code from the **Service code** column in [Services that work with Resource Group](https://help.aliyun.com/document_detail/94479.html).', example='ecs'),
      masterResourceType?: string(name='MasterResourceType', description='The type of the primary resource.

You can obtain the resource type from the **Resource type** column in [Services that work with Resource Group](https://help.aliyun.com/document_detail/94479.html).', example='instance'),
      masterService?: string(name='MasterService', description='The service code of the primary resource.

You can obtain the service code from the **Service code** column in [Services that work with Resource Group](https://help.aliyun.com/document_detail/94479.html).', example='ecs'),
      status?: string(name='Status', description='The status of the Transfer Associated Resources feature. Valid values:

*   Enable: enabled
*   Disable: disabled

This parameter is required.', example='Enable'),
    }
  ](name='RuleSettings', description='The settings of transfer rules.'),
}

model UpdateAssociatedTransferSettingResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='7B8A4E7D-6CFF-471D-84DF-195A7A241ECB'),
}

model UpdateAssociatedTransferSettingResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: UpdateAssociatedTransferSettingResponseBody(name='body'),
}

/**
 * @summary Updates the settings of the Transfer Associated Resources feature.
 *
 * @description For information about the resources that support the Transfer Associated Resources feature, see [Use the Transfer Associated Resources feature](https://help.aliyun.com/document_detail/606232.html).
 *
 * @param request UpdateAssociatedTransferSettingRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return UpdateAssociatedTransferSettingResponse
 */
async function updateAssociatedTransferSettingWithOptions(request: UpdateAssociatedTransferSettingRequest, runtime: Util.RuntimeOptions): UpdateAssociatedTransferSettingResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.enableExistingResourcesTransfer)) {
    query['EnableExistingResourcesTransfer'] = request.enableExistingResourcesTransfer;
  }
  if (!Util.isUnset(request.ruleSettings)) {
    query['RuleSettings'] = request.ruleSettings;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'UpdateAssociatedTransferSetting',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Updates the settings of the Transfer Associated Resources feature.
 *
 * @description For information about the resources that support the Transfer Associated Resources feature, see [Use the Transfer Associated Resources feature](https://help.aliyun.com/document_detail/606232.html).
 *
 * @param request UpdateAssociatedTransferSettingRequest
 * @return UpdateAssociatedTransferSettingResponse
 */
async function updateAssociatedTransferSetting(request: UpdateAssociatedTransferSettingRequest): UpdateAssociatedTransferSettingResponse {
  var runtime = new Util.RuntimeOptions{};
  return updateAssociatedTransferSettingWithOptions(request, runtime);
}

model UpdateAutoGroupingConfigRequest {
  enableExistingResourcesTransfer?: boolean(name='EnableExistingResourcesTransfer', description='Specifies whether to enable the Transfer Existing Associated Resources feature. Valid values:

*   false
*   true', example='false'),
}

model UpdateAutoGroupingConfigResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='C2CBCA30-C8DD-423E-B4AD-4FB694C9180C'),
}

model UpdateAutoGroupingConfigResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: UpdateAutoGroupingConfigResponseBody(name='body'),
}

/**
 * @summary Updates the configuration of the Automatic Resource Transfer feature. You can update only the configuration of the Transfer Existing Associated Resources feature.
 *
 * @param request UpdateAutoGroupingConfigRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return UpdateAutoGroupingConfigResponse
 */
async function updateAutoGroupingConfigWithOptions(request: UpdateAutoGroupingConfigRequest, runtime: Util.RuntimeOptions): UpdateAutoGroupingConfigResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.enableExistingResourcesTransfer)) {
    query['EnableExistingResourcesTransfer'] = request.enableExistingResourcesTransfer;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'UpdateAutoGroupingConfig',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Updates the configuration of the Automatic Resource Transfer feature. You can update only the configuration of the Transfer Existing Associated Resources feature.
 *
 * @param request UpdateAutoGroupingConfigRequest
 * @return UpdateAutoGroupingConfigResponse
 */
async function updateAutoGroupingConfig(request: UpdateAutoGroupingConfigRequest): UpdateAutoGroupingConfigResponse {
  var runtime = new Util.RuntimeOptions{};
  return updateAutoGroupingConfigWithOptions(request, runtime);
}

model UpdateAutoGroupingRuleRequest {
  excludeRegionIdsScope?: string(name='ExcludeRegionIdsScope', description='The IDs of regions to be excluded. Separate multiple IDs with commas (,).', example='cn-beijing,cn-guangzhou'),
  excludeResourceGroupIdsScope?: string(name='ExcludeResourceGroupIdsScope', description='The IDs of resource groups to be excluded. Separate multiple IDs with commas (,).', example='rg-aekz******zj2oi,rg-aekz******r62ua'),
  excludeResourceIdsScope?: string(name='ExcludeResourceIdsScope', description='The IDs of resources to be excluded. Separate multiple IDs with commas (,).', example='pc-uf6p******4h784y,rmq-cn-******ny0y'),
  excludeResourceTypesScope?: string(name='ExcludeResourceTypesScope', description='The resource types to be excluded. Separate multiple resource types with commas (,).', example='mse.cluster,slb.loadbalancer'),
  regionIdsScope?: string(name='RegionIdsScope', description='The IDs of regions. Separate multiple IDs with commas (,).', example='cn-hangzhou,cn-shanghai'),
  resourceGroupIdsScope?: string(name='ResourceGroupIdsScope', description='The IDs of resource groups. Separate multiple IDs with commas (,).', example='rg-aekz******4b5ea,rg-aek2******fxykq'),
  resourceIdsScope?: string(name='ResourceIdsScope', description='The IDs of resources. Separate multiple IDs with commas (,).', example='i-2zee******ym49kfmwis,vpc-5ts6******fnw493g849a'),
  resourceTypesScope?: string(name='ResourceTypesScope', description='The resource types. Separate multiple resource types with commas (,).', example='rds.dbinstance,oss.bucket'),
  ruleContents?: [ 
    {
      autoGroupingScopeCondition?: string(name='AutoGroupingScopeCondition', description='The condition for the range of resources that are automatically transferred.', example='{"children":[{"desired":"{\\\\"env\\\\":\\\\"online\\\\", \\\\"project\\\\":\\\\"A\\\\"}","featurePath":"$.tags","featureSource":"RESOURCE","operator":"TagMatchAll"}],"operator":"and"}'),
      ruleContentId?: string(name='RuleContentId', description='The ID of the content record.', example='grc-acfo******fwybpq'),
      targetResourceGroupCondition?: string(name='TargetResourceGroupCondition', description='The condition for the destination resource group.

This parameter is required.', example='{"children":[{"desired":"rg-aek2********qcy","featurePath":"$.resourceGroupId","featureSource":"RESOURCE","operator":"StringEquals"}],"operator":"and"}'),
    }
  ](name='RuleContents', description='The content records of the rule.

This parameter is required.'),
  ruleDesc?: string(name='RuleDesc', description='The description of the rule.', example='Transfer resources to which the {"env": "online"} and {"project": "A"} tags are added to the resource group rg-aek2********qcy.'),
  ruleId?: string(name='RuleId', description='The ID of the rule.

This parameter is required.', example='gr-acfo******hy6a'),
  ruleName?: string(name='RuleName', description='The name of the rule.

This parameter is required.', example='Custom Transfer Rule for Online Resources of Project A'),
}

model UpdateAutoGroupingRuleResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='7B8A4E7D-6CFF-471D-84DF-195A7A241ECB'),
}

model UpdateAutoGroupingRuleResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: UpdateAutoGroupingRuleResponseBody(name='body'),
}

/**
 * @summary Updates a transfer rule.
 *
 * @param request UpdateAutoGroupingRuleRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return UpdateAutoGroupingRuleResponse
 */
async function updateAutoGroupingRuleWithOptions(request: UpdateAutoGroupingRuleRequest, runtime: Util.RuntimeOptions): UpdateAutoGroupingRuleResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.excludeRegionIdsScope)) {
    query['ExcludeRegionIdsScope'] = request.excludeRegionIdsScope;
  }
  if (!Util.isUnset(request.excludeResourceGroupIdsScope)) {
    query['ExcludeResourceGroupIdsScope'] = request.excludeResourceGroupIdsScope;
  }
  if (!Util.isUnset(request.excludeResourceIdsScope)) {
    query['ExcludeResourceIdsScope'] = request.excludeResourceIdsScope;
  }
  if (!Util.isUnset(request.excludeResourceTypesScope)) {
    query['ExcludeResourceTypesScope'] = request.excludeResourceTypesScope;
  }
  if (!Util.isUnset(request.regionIdsScope)) {
    query['RegionIdsScope'] = request.regionIdsScope;
  }
  if (!Util.isUnset(request.resourceGroupIdsScope)) {
    query['ResourceGroupIdsScope'] = request.resourceGroupIdsScope;
  }
  if (!Util.isUnset(request.resourceIdsScope)) {
    query['ResourceIdsScope'] = request.resourceIdsScope;
  }
  if (!Util.isUnset(request.resourceTypesScope)) {
    query['ResourceTypesScope'] = request.resourceTypesScope;
  }
  if (!Util.isUnset(request.ruleContents)) {
    query['RuleContents'] = request.ruleContents;
  }
  if (!Util.isUnset(request.ruleDesc)) {
    query['RuleDesc'] = request.ruleDesc;
  }
  if (!Util.isUnset(request.ruleId)) {
    query['RuleId'] = request.ruleId;
  }
  if (!Util.isUnset(request.ruleName)) {
    query['RuleName'] = request.ruleName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'UpdateAutoGroupingRule',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Updates a transfer rule.
 *
 * @param request UpdateAutoGroupingRuleRequest
 * @return UpdateAutoGroupingRuleResponse
 */
async function updateAutoGroupingRule(request: UpdateAutoGroupingRuleRequest): UpdateAutoGroupingRuleResponse {
  var runtime = new Util.RuntimeOptions{};
  return updateAutoGroupingRuleWithOptions(request, runtime);
}

model UpdateControlPolicyRequest {
  newDescription?: string(name='NewDescription', description='The new description of the access control policy.

The description must be 1 to 1,024 characters in length. The description can contain letters, digits, underscores (_), and hyphens (-) and must start with a letter.', example='ExampleControlPolicy'),
  newPolicyDocument?: string(name='NewPolicyDocument', description='The new document of the access control policy.

The document can be a maximum of 4,096 characters in length.

For more information about the languages of access control policies, see [Languages of access control policies](https://help.aliyun.com/document_detail/179096.html).

For more information about the examples of access control policies, see [Examples of custom access control policies](https://help.aliyun.com/document_detail/181474.html).', example='{"Version":"1","Statement":[{"Effect":"Deny","Action":["ram:UpdateRole","ram:DeleteRole","ram:AttachPolicyToRole","ram:DetachPolicyFromRole"],"Resource":"acs:ram:*:*:role/ResourceDirectoryAccountAccessRole"}]}'),
  newPolicyName?: string(name='NewPolicyName', description='The new name of the access control policy.

The name must be 1 to 128 characters in length. The name can contain letters, digits, and hyphens (-) and must start with a letter.', example='NewControlPolicy'),
  policyId?: string(name='PolicyId', description='The ID of the access control policy.

This parameter is required.', example='cp-jExXAqIYkwHN****'),
}

model UpdateControlPolicyResponseBody = {
  controlPolicy?: {
    attachmentCount?: string(name='AttachmentCount', description='The number of times that the access control policy is referenced.', example='0'),
    createDate?: string(name='CreateDate', description='The time when the access control policy was created.', example='2021-03-18T09:24:19Z'),
    description?: string(name='Description', description='The description of the access control policy.', example='ExampleControlPolicy'),
    effectScope?: string(name='EffectScope', description='The effective scope of the access control policy. Valid values:

*   All: The access control policy is in effect for Alibaba Cloud accounts, RAM users, and RAM roles.
*   RAM: The access control policy is in effect only for RAM users and RAM roles.', example='RAM'),
    policyId?: string(name='PolicyId', description='The ID of the access control policy.', example='cp-jExXAqIYkwHN****'),
    policyName?: string(name='PolicyName', description='The name of the access control policy.', example='NewControlPolicy'),
    policyType?: string(name='PolicyType', description='The type of the access control policy. Valid values:

*   System: system access control policy
*   Custom: custom access control policy', example='Custom'),
    updateDate?: string(name='UpdateDate', description='The time when the access control policy was updated.', example='2021-03-18T10:04:55Z'),
  }(name='ControlPolicy', description='The details of the access control policy.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='2DFCE4C9-04A9-4C83-BB14-FE791275EC53'),
}

model UpdateControlPolicyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: UpdateControlPolicyResponseBody(name='body'),
}

/**
 * @description In this example, the name of the access control policy whose ID is `cp-jExXAqIYkwHN****` is changed to `NewControlPolicy`.
 *
 * @param request UpdateControlPolicyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return UpdateControlPolicyResponse
 */
async function updateControlPolicyWithOptions(request: UpdateControlPolicyRequest, runtime: Util.RuntimeOptions): UpdateControlPolicyResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.newDescription)) {
    query['NewDescription'] = request.newDescription;
  }
  if (!Util.isUnset(request.newPolicyDocument)) {
    query['NewPolicyDocument'] = request.newPolicyDocument;
  }
  if (!Util.isUnset(request.newPolicyName)) {
    query['NewPolicyName'] = request.newPolicyName;
  }
  if (!Util.isUnset(request.policyId)) {
    query['PolicyId'] = request.policyId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'UpdateControlPolicy',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @description In this example, the name of the access control policy whose ID is `cp-jExXAqIYkwHN****` is changed to `NewControlPolicy`.
 *
 * @param request UpdateControlPolicyRequest
 * @return UpdateControlPolicyResponse
 */
async function updateControlPolicy(request: UpdateControlPolicyRequest): UpdateControlPolicyResponse {
  var runtime = new Util.RuntimeOptions{};
  return updateControlPolicyWithOptions(request, runtime);
}

model UpdateFolderRequest {
  folderId?: string(name='FolderId', description='The ID of the folder.

This parameter is required.', example='fd-u8B321****'),
  newFolderName?: string(name='NewFolderName', description='The new name of the folder.

The name must be 1 to 24 characters in length and can contain letters, digits, underscores (_), periods (.), and hyphens (-).

This parameter is required.', example='rdFolder'),
}

model UpdateFolderResponseBody = {
  folder?: {
    createTime?: string(name='CreateTime', description='The time when the folder was created.', example='2019-02-19T09:34:50.757Z'),
    folderId?: string(name='FolderId', description='The ID of the folder.', example='fd-u8B321****'),
    folderName?: string(name='FolderName', description='The name of the folder.', example='rdFolder'),
    parentFolderId?: string(name='ParentFolderId', description='The ID of the parent folder.', example='r-b1****'),
  }(name='Folder', description='The information of the folder.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='C2CBCA30-C8DD-423E-B4AD-4FB694C9180C'),
}

model UpdateFolderResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: UpdateFolderResponseBody(name='body'),
}

/**
 * @param request UpdateFolderRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return UpdateFolderResponse
 */
async function updateFolderWithOptions(request: UpdateFolderRequest, runtime: Util.RuntimeOptions): UpdateFolderResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.folderId)) {
    query['FolderId'] = request.folderId;
  }
  if (!Util.isUnset(request.newFolderName)) {
    query['NewFolderName'] = request.newFolderName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'UpdateFolder',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @param request UpdateFolderRequest
 * @return UpdateFolderResponse
 */
async function updateFolder(request: UpdateFolderRequest): UpdateFolderResponse {
  var runtime = new Util.RuntimeOptions{};
  return updateFolderWithOptions(request, runtime);
}

model UpdateResourceGroupRequest {
  newDisplayName?: string(name='NewDisplayName', description='The display name of the resource group.

The name must be 1 to 50 characters in length.

This parameter is required.', example='project'),
  resourceGroupId?: string(name='ResourceGroupId', description='The ID of the resource group.

You can call the [ListResourceGroups](https://help.aliyun.com/document_detail/158855.html) operation to obtain the ID.

This parameter is required.', example='rg-9gLOoK****'),
}

model UpdateResourceGroupResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='04F0F334-1335-436C-A1D7-6C044FE73368'),
  resourceGroup?: {
    accountId?: string(name='AccountId', description='The ID of the Alibaba Cloud account to which the resource group belongs.', example='123456789****'),
    createDate?: string(name='CreateDate', description='The time when the resource group was created. The time is displayed in UTC.', example='2015-01-23T12:33:18+08:00'),
    displayName?: string(name='DisplayName', description='The display name of the resource group.', example='project'),
    id?: string(name='Id', description='The ID of the resource group.', example='rg-9gLOoK****'),
    name?: string(name='Name', description='The unique identifier of the resource group.', example='my-project'),
  }(name='ResourceGroup', description='The information of the resource group.'),
}

model UpdateResourceGroupResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: UpdateResourceGroupResponseBody(name='body'),
}

/**
 * @description In this example, the display name of the resource group `rg-9gLOoK****` is changed to `project`.
 *
 * @param request UpdateResourceGroupRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return UpdateResourceGroupResponse
 */
async function updateResourceGroupWithOptions(request: UpdateResourceGroupRequest, runtime: Util.RuntimeOptions): UpdateResourceGroupResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.newDisplayName)) {
    query['NewDisplayName'] = request.newDisplayName;
  }
  if (!Util.isUnset(request.resourceGroupId)) {
    query['ResourceGroupId'] = request.resourceGroupId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'UpdateResourceGroup',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @description In this example, the display name of the resource group `rg-9gLOoK****` is changed to `project`.
 *
 * @param request UpdateResourceGroupRequest
 * @return UpdateResourceGroupResponse
 */
async function updateResourceGroup(request: UpdateResourceGroupRequest): UpdateResourceGroupResponse {
  var runtime = new Util.RuntimeOptions{};
  return updateResourceGroupWithOptions(request, runtime);
}

model UpdateRoleRequest {
  newAssumeRolePolicyDocument?: string(name='NewAssumeRolePolicyDocument', description='The document of the policy that specifies the trusted entity to assume the RAM role.', example='{ "Statement": [ { "Action": "sts:AssumeRole", "Effect": "Allow", "Principal": { "RAM": "acs:ram::12345678901234****:root" } } ], "Version": "1" }'),
  newDescription?: string(name='NewDescription', description='The description of the RAM role.

The description must be 1 to 1,024 characters in length.', example='ECS administrator'),
  newMaxSessionDuration?: long(name='NewMaxSessionDuration', description='The maximum session duration of the RAM role.

Unit: seconds. Valid values: 3600 to 43200. Default value: 3600.

If you do not specify this parameter, the default value is used.', example='3600'),
  roleName?: string(name='RoleName', description='The name of the RAM role.

The name must be 1 to 64 characters in length and can contain letters, digits, periods (.),and hyphens (-).

This parameter is required.', example='ECSAdmin'),
}

model UpdateRoleResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='04F0F334-1335-436C-A1D7-6C044FE73368'),
  role?: {
    arn?: string(name='Arn', description='The Alibaba Cloud Resource Name (ARN) of the RAM role.', example='acs:ram::123456789012****:role/ECSAdmin'),
    assumeRolePolicyDocument?: string(name='AssumeRolePolicyDocument', description='The document of the policy that specifies the trusted entity to assume the RAM role.', example='{ \\\\"Statement\\\\": [ { \\\\"Action\\\\": \\\\"sts:AssumeRole\\\\", \\\\"Effect\\\\": \\\\"Allow\\\\", \\\\"Principal\\\\": { \\\\"RAM\\\\": \\\\"acs:ram::12345678901234****:root\\\\" } } ], \\\\"Version\\\\": \\\\"1\\\\" }'),
    createDate?: string(name='CreateDate', description='The time when the RAM role was created.', example='2015-01-23T12:33:18Z'),
    description?: string(name='Description', description='The description of the RAM role.', example='ECS administrator'),
    maxSessionDuration?: long(name='MaxSessionDuration', description='The maximum session duration of the RAM role.', example='3600'),
    roleId?: string(name='RoleId', description='The ID of the RAM role.', example='90123456789****'),
    roleName?: string(name='RoleName', description='The name of the RAM role.', example='ECSAdmin'),
    rolePrincipalName?: string(name='RolePrincipalName', description='The name of the RAM role after authorization.', example='ECSAdmin@role.123456.onaliyunservice.com'),
    updateDate?: string(name='UpdateDate', description='The time when the RAM role was updated.', example='2016-01-23T12:33:18Z'),
  }(name='Role', description='The information of the RAM role.'),
}

model UpdateRoleResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: UpdateRoleResponseBody(name='body'),
}

/**
 * @summary Updates the information of a Resource Access Management (RAM) role.
 *
 * @description In this example, the description of the RAM role `ECSAdmin` is updated to `ECS administrator`.
 *
 * @param request UpdateRoleRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return UpdateRoleResponse
 */
async function updateRoleWithOptions(request: UpdateRoleRequest, runtime: Util.RuntimeOptions): UpdateRoleResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.newAssumeRolePolicyDocument)) {
    query['NewAssumeRolePolicyDocument'] = request.newAssumeRolePolicyDocument;
  }
  if (!Util.isUnset(request.newDescription)) {
    query['NewDescription'] = request.newDescription;
  }
  if (!Util.isUnset(request.newMaxSessionDuration)) {
    query['NewMaxSessionDuration'] = request.newMaxSessionDuration;
  }
  if (!Util.isUnset(request.roleName)) {
    query['RoleName'] = request.roleName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'UpdateRole',
    version = '2020-03-31',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  if (Util.isUnset(@signatureVersion) || !Util.equalString(@signatureVersion, 'v4')) {
    return callApi(params, req, runtime);
  } else {
    return execute(params, req, runtime);
  }
}

/**
 * @summary Updates the information of a Resource Access Management (RAM) role.
 *
 * @description In this example, the description of the RAM role `ECSAdmin` is updated to `ECS administrator`.
 *
 * @param request UpdateRoleRequest
 * @return UpdateRoleResponse
 */
async function updateRole(request: UpdateRoleRequest): UpdateRoleResponse {
  var runtime = new Util.RuntimeOptions{};
  return updateRoleWithOptions(request, runtime);
}

